code-quality-engine

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions and rule sets (e.g., injection-safety.md, authz-checks.md, secrets-in-source.md) are designed to provide security auditing and code quality improvements. They do not contain any instructions that attempt to bypass AI safety guidelines or override system prompts.
  • [SAFE]: The tool configuration is restricted to 'read_file', which is appropriate for its stated purpose of reviewing code. The frontmatter requests no network-enabled tools and no tools that permit file system modification.
  • [SAFE]: No obfuscated content, hidden strings, or suspicious encoding techniques (Base64, zero-width characters, etc.) were found in any of the skill files.
  • [SAFE]: The shell scripts provided for validation (validate-output.sh) and testing (run-validation.sh) are standard utility scripts that do not execute remote code or perform suspicious system operations.
  • [SAFE]: While the skill reviews external code (an indirect prompt injection surface), the risk is mitigated by the restricted toolset and the explicit workflow requirements for verification and evidence-based findings.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 04:59 AM