The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses Bash to execute standard Git commands (git ls-files, git diff, git log) to analyze project structure and history. These commands are hardcoded or derived from Git state, posing no command injection risk.
[PROMPT_INJECTION]: No direct prompt injection or safety bypass patterns were detected. An indirect prompt injection surface is present as the skill ingests source code from the project to generate behavioral rules; however, this is inherent to its primary purpose of codebase alignment.
Ingestion points: Reads project source files during full-scan and incremental sniff modes.
Boundary markers: Documented conventions are stored in .ai-style-rules.md and referenced in CLAUDE.md.
Capability inventory: Read, Write, Edit, Bash, AskUserQuestion.
Sanitization: No explicit sanitization is performed on code comments or naming patterns read from the codebase.
[SAFE]: The skill implements a "Grilling Protocol" that requires user interaction for resolving conflicts, preventing autonomous misinterpretation of coding styles. Persistent configuration changes (such as modifying settings.json for enforcement hooks) are explicitly gated by the AskUserQuestion tool to ensure user consent.

inherit-legacy-style