ln-113-backend-docs-creator

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is the automated generation of markdown documentation (api_spec.md and database_schema.md) based on the presence of backend or database components in a project. It does not execute external scripts, install unverified packages, or perform network exfiltration.
  • [DATA_EXPOSURE]: The skill processes project-specific metadata such as API endpoints, authentication schemes, and database schemas. This data is used solely to populate documentation templates and is not sent to external servers. The skill explicitly searches for configuration patterns in files like .env.example to provide accurate documentation without accessing or exposing actual secrets.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from the project codebase (e.g., route names, database model names) to generate descriptions. It mitigates potential indirect prompt injection risks by enforcing the 'NO_CODE_EXAMPLES' rule, which prohibits implementation-level code fences (e.g., JavaScript, Python, Rust) in the generated output, effectively preventing the generation of executable malicious snippets.
  • [EXTERNAL_DOWNLOADS]: The skill identifies and includes links to official documentation for various technologies (e.g., Microsoft Learn for .NET, MDN for JavaScript, and official Python documentation). These resources are well-known and trusted, and their inclusion follows the standard protocol for generating context-aware developer documentation.
  • [COMMAND_EXECUTION]: The workflow involves local file system checks and content replacement within templates. It does not use unsafe execution functions like eval() or exec() with external input, nor does it perform administrative system modifications.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 08:29 PM