skills/aiskillstore/marketplace/audit/Gen Agent Trust Hub

audit

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions in SKILL.md direct the agent to utilize standard local development tools, including the TypeScript compiler (tsc), ESLint, and grep, to identify code quality issues and architectural patterns.
  • [PROMPT_INJECTION]: The skill is designed to ingest and analyze the contents of arbitrary files within a codebase, which constitutes an indirect prompt injection surface.
      • Ingestion points: SKILL.md (Phase 3: Systematic File Review).
      • Boundary markers: The prompt does not provide specific delimiters or instructions to treat the codebase file contents as data rather than instructions.
      • Capability inventory: The skill utilizes file system read/write access (specifically for the .audit/ directory) and command execution for development utilities.
      • Sanitization: No content sanitization or filtering is specified for the file contents being reviewed.
  • [PROMPT_INJECTION]: The skill-report.json file contains a self-referential security_audit section that declares the skill as "safe" and characterizes previous security findings as false positives. This metadata is data to be evaluated and does not reflect an authoritative security state.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 14, 2026, 06:41 PM