The Agent Skills Directory

[SAFE]: The skill provides educational and procedural content for security researchers. No malicious or unauthorized code execution patterns were detected.
[SAFE]: The shell commands included in the documentation, such as curl and wget, are intended for the agent to perform legitimate security assessments of target APIs and do not target the host environment.
[SAFE]: All documented payloads (SQLi, XSS, SSRF, etc.) are standard industry examples used for identifying vulnerabilities and are not executed by the skill itself.
[SAFE]: The skill does not include any external dependencies, third-party packages, or remote code execution mechanisms.
[SAFE]: There are no signs of obfuscation, metadata poisoning, or hidden data exfiltration logic.

api-fuzz