java-audit-pipeline

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides a comprehensive and professional framework for Java white-box auditing, following industry-standard methodologies.
  • [COMMAND_EXECUTION]: The documentation references standard command-line tools such as jar and de-compilation utilities (CFR, Procyon, FernFlower). These are used strictly for the legitimate purpose of analyzing code artifacts and do not include any malicious or hidden execution patterns.
  • [PROMPT_INJECTION]: No evidence of prompt injection or instructions to bypass safety guidelines was found. The 'Evidence Contract' system (EVID_*) serves as a grounding mechanism to ensure results are based on code evidence rather than AI inference.
  • [DATA_EXFILTRATION]: No network activity or attempts to exfiltrate sensitive data were detected. References to sensitive data paths and network functions occur solely within the context of vulnerability definitions for the audit targets.
  • [EXTERNAL_DOWNLOADS]: The skill mentions external de-compilation tools but does not provide automated scripts or direct links to download them from unverified sources.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 4, 2026, 08:15 AM