Claims
The skill claims to provide a comprehensive offensive security checklist and methodology for auditing AI/LLM systems. It acts as a guide for the agent to perform tasks such as prompt injection testing, jailbreaking, model extraction, and assessing data flow and plugin security. It is primarily a knowledge-based skill that instructs the agent on *what* to look for and *how* to structure the audit, rather than code that performs the audit itself.
Actual behavior
The skill defines trigger phrases and provides a structured methodology (Hunt, Mechanisms, Shortcut) for the agent to follow. It references external tools (`garak`, `LLMFuzzer`) but contains no code that runs them; it only instructs the agent to use or consider them. The manifest contains no executable scripts that modify the host system, exfiltrate secrets, or execute arbitrary code. It is a passive, instructional skill: "passive" here describes the manifest itself, which executes nothing, although an agent following its instructions will run the tools it names against whatever target it is pointed at.