The Agent Skills Directory

[PROMPT_INJECTION]: The skill ingests untrusted data from user code, error logs, and web content (ingestion points). It lacks explicit boundary markers to separate data from instructions and does not mention sanitization of external content. Given its access to Bash and filesystem operations (capability inventory), this creates an attack surface for indirect prompt injection where malicious content in processed files could influence agent behavior.\n- [EXTERNAL_DOWNLOADS]: The skill installs the Delve debugger and the errcheck linter from their respective GitHub repositories. These are standard, well-known utilities in the Go ecosystem and their installation is appropriate for the skill's purpose.\n- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute Go commands, run tests, and perform debugging sessions with Delve. These capabilities are necessary and consistent with the documented goal of troubleshooting Go programs. The use of scoped bash permissions for specific binaries is a notable security best practice.

golang-troubleshooting