frappe-agent-validator

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides a defensive security framework by instructing the agent to scan user-provided code for vulnerabilities such as SQL injection, XSS, and hardcoded credentials. These checks are documentation-based and designed to improve the security of the analyzed code rather than execute malicious actions.
  • [SAFE]: No unauthorized network requests, credential harvesting, or remote code execution patterns were found. The skill relies on static analysis techniques and regex patterns defined in the references/checklists.md and references/workflow.md files.
  • [SAFE]: The skill identifies a surface for indirect prompt injection as it is designed to ingest and analyze untrusted user code.
      1. Ingestion points: Code snippets provided for validation as described in SKILL.md.
      2. Boundary markers: Absent; there are no specific instructions to use delimiters or ignore instructions within the analyzed code.
      3. Capability inventory: The agent is limited to generating validation reports and code corrections; no dangerous tools (e.g., shell access, network requests) are enabled or used in the instructions.
      4. Sanitization: Absent.
    Despite the lack of boundaries and sanitization, the risk is negligible as the skill performs static analysis for a specialized review task and does not grant the agent high-risk autonomy.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 06:29 PM