Skill Security Auditor

This tool audits the provided skillJson content for security risks such as prompt injection, malicious code paths, and potential data exfiltration behaviors, acting as a paranoid security analyst. It accepts two inputs: skillJson, a string containing the full JSON of the skill or playbook to be audited, and depth, a string enum with values fast or deep controlling analysis thoroughness, with deep as the default when not supplied. The worker must analyze only the supplied inputs without adding placeholder data and must output a strict risk score from 0 to 100 along with detailed threat findings derived from the input. All responses from this tool must be returned as JSON that strictly validates against the system-provided structured output schema, with correct types, enums, and no additional unexpected keys.