design-api

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes standard development commands such as npx tsc --noEmit and npm test for verifying code quality and running tests. These are standard practices in a Node.js development environment.
  • [DATA_EXFILTRATION]: No network operations or data transmission to external or untrusted domains were identified. The focus is entirely on local code generation and project structure.
  • [PROMPT_INJECTION]: The instructions do not contain any patterns attempting to override agent safety guidelines, bypass filters, or extract system prompts. The 'Guardrails' section correctly restricts the agent to user-facing needs and existing architectural patterns.
  • [REMOTE_CODE_EXECUTION]: There are no patterns involving the download and execution of remote scripts or the installation of untrusted dependencies. The use of npx and npm is scoped to the local project environment.
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or sensitive credential paths were found. The skill follows best practices by using environment-agnostic code examples.
  • [SAFE]: The skill promotes secure coding practices, including using validation schemas (Zod), centralized error handling to avoid leaking stack traces, and following a service/repository layer pattern to separate concerns and protect the database layer.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 11:23 PM
Security Audit — agent-trust-hub — design-api