The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: Fetches security taxonomy and rules from the official Project CodeGuard repository on GitHub to define sources, sinks, and sanitizers.
[PROMPT_INJECTION]: Surface for indirect prompt injection due to external data ingestion. 1. Ingestion points: Remote rules and configuration tables fetched from github.com/cosai-oasis/project-codeguard. 2. Boundary markers: Absent; there are no specific delimiters or instructions to ignore embedded commands within the ingested rule data. 3. Capability inventory: The workflow involves translating data into tool-specific configurations (CodeQL, Semgrep) and executing verification steps. 4. Sanitization: Absent; the skill lacks explicit validation or filtering of the fetched content before processing.

taint-instrumentation-assistant