The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local commands to perform its auditing duties, specifically using ripgrep (rg) for pattern matching and running a local validation script (python3 scripts/validate_skills.py). This is standard behavior for a repository maintenance tool.
[PROMPT_INJECTION]: An indirect prompt injection surface is present as the skill is designed to read and process the contents of other skill definition files (skills/*/SKILL.md).
Ingestion points: Content is read from various markdown files including SKILL.md, README.md, AGENTS.md, and CLAUDE.md.
Boundary markers: The instructions do not explicitly require the use of delimiters or 'ignore' instructions when reading these external files.
Capability inventory: The skill has access to Bash for command execution and Write/Edit for file modification.
Sanitization: No explicit sanitization or filtering of the ingested content is mentioned. This surface is assessed as low risk given the skill's primary purpose of auditing local project resources.

skill-system-auditor