The Agent Skills Directory

[SAFE]: The skill is designed for technical debt analysis and follows security best practices for repository interaction. No malicious code or exfiltration patterns were found during the analysis.\n- [COMMAND_EXECUTION]: The skill includes a Python script (scripts/legacy_support_scan.py) and a shell script (scripts/git_support_archaeology.sh) that interact with the local git binary. These tools use safe argument lists to identify code changes and history, which is a core and legitimate part of the skill's functionality. The usage of subprocess.check_output in the Python script follows best practices by passing arguments as a list without a shell.\n- [DATA_EXPOSURE]: The scanner script reads file contents and git metadata within the project directory to locate legacy patterns. This data access is appropriately scoped and does not involve accessing sensitive system files or exfiltrating data to external domains.\n- [PROMPT_INJECTION]: The skill handles untrusted data from repository files and pull request descriptions, creating an indirect prompt injection surface. Mitigation involves a robust evidence rubric that requires cross-referencing claims with runtime and data reality.\n
Ingestion points: Local repository files and PR data processed by the scanner script and the agent's review logic.\n
Boundary markers: Candidate records use structured YAML markers in the workflow to isolate legacy support context.\n
Capability inventory: The skill recommends code modifications and uses local git tools for history analysis.\n
Sanitization: The skill's core logic mandates verification against objective evidence levels (E3-E6) defined in resources/evidence_rubric.md, preventing the agent from relying solely on potentially malicious text in code or comments.

legacy-support-adjudication