The Agent Skills Directory

[PROMPT_INJECTION]: The skill contains a dedicated 'Prompt Injection Safety Notice' that explicitly instructs the agent to treat all data from analyzed configuration files as untrusted and to ignore any instructions or prompts embedded within that data.\n- [DATA_EXFILTRATION]: The skill promotes secure credential management by advising users to use environment variable substitution rather than hardcoding secrets. It does not include any commands for external data transmission.\n- [EXTERNAL_DOWNLOADS]: References to external GitHub Actions (e.g., zaproxy/action-baseline) target well-known, reputable security tools and organizations. These are documented as part of standard DevSecOps integration patterns.\n- [COMMAND_EXECUTION]: Tool usage is restricted to 'Read', 'Grep', and 'Glob' in the frontmatter. The instructions focus on pattern matching and file content review without invoking dangerous shell commands or arbitrary code execution.\n- [INDIRECT_PROMPT_INJECTION]: The skill defines a clear ingestion surface (DAST configuration files) but provides mandatory safety boundaries and instructs the agent to treat findings neutrally, mitigating the risk of instructions embedded in analyzed security reports or configs.

dast-config