agent-readiness-report

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses local shell scripts to perform diagnostic scans of a repository. These scripts utilize common tools like find, grep, ls, and wc to identify the presence of specific files and directory structures related to AI agent instructions, feedback loops, and workflows.
  • [SAFE]: No network operations, external downloads, or data exfiltration mechanisms were detected. All operations are confined to the local filesystem and intended for repository analysis.
  • [SAFE]: The shell scripts use quoted variables for file paths and directory names, which helps prevent accidental command injection from unusual file names in the target repository.
  • [SAFE]: While the skill searches for the existence of sensitive configuration paths (e.g., .env, .vault-token) to verify secrets management practices, it does not attempt to read or exfiltrate the contents of these files.
  • [SAFE]: The skill exposes an indirect prompt injection surface because it ingests untrusted repository data. Ingestion points: repository files identified during scanning. Boundary markers: None. Capability inventory: shell script execution and file read access. Sanitization: None. The risk is rated safe because the scripts primarily identify file existence and static metadata.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 21, 2026, 05:57 AM