rag-cag-security

Quick Review

This skill provides clear security patterns for RAG/CAG systems with practical code examples for tenant isolation, access control, and prompt injection prevention. The description adequately covers when to use the skill, and the structure is logical with distinct sections. Code snippets demonstrate key concepts like metadata filtering and document-level permissions. However, novelty is limited as these are relatively straightforward security patterns that a capable CLI agent could derive with moderate prompting. The skill would benefit from more complex implementation details (e.g., complete sanitization functions, encryption strategies, audit logging patterns) to justify meaningful token/cost savings over direct agent implementation.