The Agent Skills Directory

[SAFE]: The skill file contains strictly instructional content aimed at assisting in security audits. It does not contain any executable scripts, obfuscated payloads, or suspicious commands.
[PROMPT_INJECTION]: No attempts to bypass agent safety filters or system instructions were detected. The skill uses task-specific constraints to focus the agent on legitimate security research.
[DATA_EXFILTRATION]: No patterns for unauthorized data access or exfiltration were found. The threat model is correctly scoped to external attack vectors in CI/CD environments.
[REMOTE_CODE_EXECUTION]: The skill does not instruct the agent to download or execute code from untrusted sources. The references mentioned are intended to be local documentation files.

gha-security-review