The Agent Skills Directory

[SAFE]: The skill correctly implements AES-256 in Galois/Counter Mode (GCM) using the 'cryptography' library, providing both data confidentiality and integrity through authenticated encryption.\n- [SAFE]: Key derivation follows industry standards (NIST SP 800-132) by employing PBKDF2-HMAC-SHA256 with 600,000 iterations and 128-bit random salts generated via a cryptographically secure pseudo-random number generator (CSPRNG).\n- [SAFE]: The implementation ensures nonce uniqueness for every encryption operation by generating random 96-bit nonces using os.urandom(), which prevents catastrophic failures associated with nonce reuse in GCM.\n- [SAFE]: Indirect Prompt Injection analysis: 1. Ingestion points: The scripts ingest file content from the local filesystem in 'scripts/agent.py' and 'scripts/process.py'. 2. Boundary markers: No explicit delimiters are used as the tool operates on binary data. 3. Capability inventory: The skill is restricted to file read and write operations. 4. Sanitization: Not applicable as the content is treated as raw bytes for cryptographic operations.\n- [SAFE]: Resource Management: While the scripts load files entirely into memory (f.read()), which could lead to exhaustion for very large files, this is a standard implementation for local encryption utilities and not indicative of malicious intent.

implementing-aes-encryption-for-data-at-rest