gateway
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's operational logic is centered on generating documentation and design rationale. It does not contain any instructions to execute arbitrary shell commands, access sensitive system files (e.g., SSH keys), or establish unauthorized network connections.
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external data such as API specifications and data models, which presents an inherent surface for indirect prompt injection. This is necessary for its function as an API designer. The risk is mitigated by explicit instructions to include validation rules and sanitization checklists. Evidence Chain:
  1. Ingestion points: User-supplied API specs and schemas (SKILL.md).
  2. Boundary markers: Employs 'Contract First' and 'Design-First' workflows to define strict inputs.
  3. Capability inventory: No dangerous tool invocation; outputs are limited to markdown logging and spec generation.
  4. Sanitization: Includes a dedicated 'Input Validation Checklist' in 'references/api-security-patterns.md' for sanitizing string inputs and validating schemas.