The Agent Skills Directory

Codebase Reconnaissance: The skill uses Bash commands (ls, cat, grep) to identify project structure and dependencies (e.g., package.json, pyproject.toml). This is a standard pattern for an analysis tool and is used here to inform its recommendations.
Indirect Prompt Injection Surface: The skill ingests untrusted data from the local project environment, such as library names and configurations. While this represents a potential surface for indirect prompt injection if a project file contained malicious instructions, the skill's read-only nature and the requirement for user intervention to implement recommendations effectively mitigate this consideration.
Educational Use of Dynamic Context: The reference materials provided within the skill include examples of dynamic context injection (the !command syntax). These are used strictly as templates and documentation for the user's own skill development and do not execute commands automatically during the loading or operation of this specific skill.
Safe Dependency Recommendations: The skill recommends official and well-known MCP servers and plugins (e.g., GitHub, Supabase, Playwright). These recommendations are presented as options for the user to install manually, maintaining human-in-the-loop control over the environment.

claude-automation-recommender