optimize-mcp-server

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: Manual review of the static analysis hint confirmed a false positive. The string "Ignore previous instructions" found in references/patterns/security.md is part of an educational code block illustrating how prompt injection attacks work to teach developers about defensive sanitization techniques.
  • [COMMAND_EXECUTION]: The skill utilizes standard command-line utilities such as tree, ripgrep (rg), grep, and find to map the project structure and locate MCP-related definitions. These operations are essential for the skill's purpose as an auditing tool and are used in a non-destructive, exploration-first manner.
  • [EXTERNAL_DOWNLOADS]: The skill suggests using the official MCP Inspector (@modelcontextprotocol/inspector) via the npx package runner to verify optimizations. This is a standard and expected development tool within the Model Context Protocol ecosystem.
  • [DATA_EXPOSURE]: As a diagnostic tool, the skill reads source code files within the user's repository. It includes explicit security guidelines and patterns for implementing servers, such as PII tokenization and the use of delegated permissions, to ensure that data exposure risks are mitigated in production MCP environments.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 04:42 PM
Security Audit — agent-trust-hub — optimize-mcp-server