ai-engineering
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains strings typically associated with prompt injection, such as "Ignore all previous instructions" and "disregard all prior rules". However, these appear exclusively in the context of teaching defensive strategies, security mitigations, and identifying common attack patterns. There are no attempts to override the agent's own operating instructions or bypass safety filters.
- [EXTERNAL_DOWNLOADS]: The skill provides numerous references to external documentation and research papers from trusted industry sources including Anthropic, OpenAI, Google, and OWASP. These references are informative and do not involve the automatic download or execution of untrusted scripts.
- [COMMAND_EXECUTION]: No dangerous shell commands or unauthorized system operations were found. The skill describes logic for processing user arguments to determine operating modes (guide, review, design), which is a standard functional pattern for this type of advisor skill.
- [DATA_EXFILTRATION]: The instructions explicitly advocate for security best practices, including PII redaction, credential scoping, and human-in-the-loop approval for destructive actions. No patterns indicating credential harvesting or unauthorized data transmission were detected.
- [REMOTE_CODE_EXECUTION]: The skill mentions composition with other agent skills (Dash0 observability skills) using a standard `Skill()` invocation pattern. This is a legitimate feature for modular agent design and does not constitute unauthorized remote code execution.
Audit Metadata