sota-architecture
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of markdown-based documentation and architectural rules. There are no executable scripts, shell commands, or remote dependencies included in the skill.
- [SAFE]: The instructions reinforce security best practices such as mandatory timeouts, idempotency for all remote calls, secrets management using dedicated stores, and strict multi-tenant isolation.
- [SAFE]: An indirect prompt injection surface exists because the skill is designed to ingest and analyze external system designs and source code during its 'Audit mode'. This risk is inherent to the auditing function; the skill itself is safe.
  - Ingestion points: auditing external source code and system designs, as described in SKILL.md and rules/01-architecture-styles-and-decisions.md.
  - Boundary markers: the instructions do not define specific delimiters or warnings for the agent to ignore instructions embedded in audited content.
  - Capability inventory: the skill utilizes the agent's file-reading and reporting capabilities.
  - Sanitization: there is no instruction for sanitizing or escaping the content being audited.
Audit Metadata