dotnet-mcaf-ml-ai-delivery

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No evidence of prompt injection or instructions to bypass safety guidelines was found. The instructions focus on structured ML delivery workflows and the 'Ralph Loop' iterative thinking process.
  • [DATA_EXFILTRATION]: No sensitive file access or network exfiltration patterns were detected. The skill actually promotes security best practices, such as de-identification of sensitive data and understanding data access requirements (found in references/feasibility-studies.md).
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or instructions to handle credentials insecurely were found.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns or downloads of untrusted scripts were identified. The references to external websites are limited to standard educational resources and documentation.
  • [COMMAND_EXECUTION]: The skill does not contain any instructions to execute shell commands. It provides guidance on how a team should test their own ML code (e.g., in references/testing-data-science-and-mlops-code.md) but does not invoke commands directly.
  • [DYNAMIC_EXECUTION]: No evidence of runtime code generation, unsafe deserialization, or dynamic loading of external code was found.
  • [INDIRECT_PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it reads repository documentation and code in order to provide guidance. However, it lacks high-privilege capabilities such as network access or arbitrary file writes, and its primary purpose is informative analysis. (Evidence: SKILL.md ingestion of repo context; references/ml-fundamentals-checklist.md for capability inventory.)
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 11, 2026, 12:40 PM