configuration-inventory
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
Full Analysis
- Configuration Assessment Purpose: The skill is designed to analyze project structures (Java, .NET, JS/TS) and produce a detailed report of configuration sources, build profiles, and runtime settings. This is standard behavior for project assessment and modernization tools.
- Handling of Sensitive Information: The instructions include a clear directive to identify sensitive configuration entries, such as database passwords and API keys, while explicitly requiring that actual values be masked in the final output. This reduces the risk of credential exposure in the generated documentation.
- Project Data Ingestion: The skill processes local files from the workspace, such as configuration and build scripts. This represents a potential surface for indirect prompt injection if the files being analyzed contain malicious instructions; however, the risk is mitigated by the skill's limited capabilities, which are restricted to reading and writing local documentation files.
- Ingestion points: Configuration and build files within the workspace-path (e.g., .env, pom.xml, appsettings.json).
- Boundary markers: The skill relies on predefined output templates but does not implement specific boundary markers for the data extracted from input files.
- Capability inventory: The operation is restricted to file system read and write access for documentation purposes; no network or code execution capabilities are requested.
- Sanitization: The skill prioritizes safety by instructing the agent to replace sensitive values with placeholders like [MASKED].
Audit Metadata