writing-agent-instructions

Guides users on writing effective agent instructions for agent-native apps, enhancing clarity and usability.

Install this skill

50/100

Security score

The writing-agent-instructions skill was audited on Jun 6, 2026 and we found 6 security issues across 2 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 197

Template literal with variable interpolation in command context

SourceSKILL.md

197	but values must be placeholders (`<OPENAI_API_KEY>`, `${keys.SLACK_WEBHOOK}`) or

high line 201

Template literal with variable interpolation in command context

SourceSKILL.md

201	OAuth, and `${keys.NAME}` substitution for extension/automation outbound HTTP.

medium line 190

Webhook reference - potential data exfiltration

SourceSKILL.md

190	skill, action, webhook, integration, or extension touches external services.

medium line 192

Webhook reference - potential data exfiltration

SourceSKILL.md

192	tokens, webhook URLs, signing secrets, OAuth refresh tokens, private

medium line 196

Webhook reference - potential data exfiltration

SourceSKILL.md

196	Examples may name credential keys such as `OPENAI_API_KEY` or `SLACK_WEBHOOK`,

medium line 197

Webhook reference - potential data exfiltration

SourceSKILL.md

197	but values must be placeholders (`<OPENAI_API_KEY>`, `${keys.SLACK_WEBHOOK}`) or

Scanned on Jun 6, 2026

View Security Dashboard

Installation guide →

GitHub Stars 464

Rate this skill

Categoryproduct

UpdatedJune 10, 2026

claude claude-code frontend docx api database testing devops product-manager technical-pm ux-writer growth-pm project-manager product design project management

BuilderIO/agent-native