The Agent Skills Directory

[SAFE]: No malicious patterns or security vulnerabilities were identified during the analysis. The skill operates as an informational resource using local scripts and data.
[PROMPT_INJECTION]: The skill instructions define a design-focused persona for the agent and provide styling defaults. No evidence of behavior overrides, safety filter bypasses, or 'jailbreak' patterns was found in the markdown files or CSV data.
[DATA_EXFILTRATION]: There is no access to sensitive system paths (e.g., SSH keys, cloud credentials) or network exfiltration logic. The documentation references a canonical guidelines source on a trusted Vercel GitHub repository.
[REMOTE_CODE_EXECUTION]: The Python scripts (core.py, design_system.py, search.py) use only standard library imports and do not download or execute remote code. There is no usage of unsafe primitives like eval() or exec() on untrusted input.
[COMMAND_EXECUTION]: No usage of subprocesses or system shell calls. The skill's file-writing capability is limited to generating design documentation in markdown format within a local project directory.
[DATA_EXPOSURE]: No hardcoded credentials or secrets were found in the dataset. CSV files contain design tokens, hex codes, and links to public documentation.

@349/starchild-design-pack