Add SafeSkill security badge (86/100 — Passes with Notes)

[OyaAIProd]

⚠️ SafeSkill Security Scan Results

Metric	Value
Overall Score	86/100 (Passes with Notes)
Code Score	100/100
Content Score	61/100
Findings	48 findings detected (6 high)
Taint Flows	0
Files Scanned	0
Scan Duration	0.5s

Top Findings

• 🟠 high: Context boundary escape detected (fake-xml-boundary): "" (specs/done/058-conformance-elicitation-sampling-tools.md:16)
• 🟠 high: Context boundary escape detected (fake-xml-boundary): "" (specs/done/085-mocapi-model-module.md:72)
• 🟠 high: Detected instruction-override attempt: "Replace the prompt" (specs/done/087-migrate-prompts-to-model.md:5)
• 🟠 high: Context boundary escape detected (fake-xml-boundary): "" (specs/done/087-migrate-prompts-to-model.md:38)
• 🟠 high: Context boundary escape detected (fake-xml-boundary): "" (specs/done/094-tool-execution-errors-as-is-error-result.md:21)

View full report on SafeSkill

---

About SafeSkill

SafeSkill is a free, open-source security scanner for AI tools, MCP servers, and Claude Code skills. We scan for code exploits, prompt injection, and data exfiltration risks.

False positive? We take accuracy seriously. If any finding above is incorrect, please open an issue and we will fix it immediately.

• GitHub | Website | Docs
• Built by Oya.ai -- AI Employees Builder

[jwcarman]

The findings look to all be in markdown files? Is that right?