umbraco-mcp-content-ops

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The instructions focus on guiding an agent through legitimate content management tasks in Umbraco CMS using specified tool collections.
  • [SAFE]: Includes explicit safety rules in SKILL.md and references/guardrails.md that require user confirmation for destructive actions (delete, move to recycle bin) and bulk operations (affecting more than 25 items).
  • [SAFE]: Encourages security best practices such as checking user permissions before performing mutations and validating data using official Umbraco endpoints.
  • [SAFE]: The skill defines a clear scope that excludes high-risk operations like schema changes or infrastructure management by default.
  • [SAFE]: Regarding indirect prompt injection (Category 8):
    1. Ingestion points: The skill ingests data from local files (CSV/JSON) via filesystem MCP and content from the Umbraco content tree.
    2. Boundary markers: No explicit instruction-ignoring delimiters are defined.
    3. Capability inventory: Actions include content CRUD, publishing, and media management within the Umbraco environment.
    4. Sanitization: Relies on Umbraco's internal validation endpoints and mandatory user confirmation for high-impact changes, providing sufficient mitigation for the intended use case.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 05:18 PM
Security Audit — agent-trust-hub — umbraco-mcp-content-ops