project-artifact
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- Structured Output Sanitization: The skill explicitly instructs the agent to treat all fetched content (PR bodies, issue text, etc.) as untrusted third-party data. It mandates entity-encoding (`<` to `&lt;`) and JSON string escaping (`<` to `\u003c`) to prevent embedded scripts from executing within the generated HTML artifact.
- Controlled Command Execution: The skill utilizes standard development tools like `git` and `gh` to retrieve project state. These operations are scoped to the user's local environment and are used to populate the status dashboard rather than to perform administrative changes.
- Environment-Specific Data Management: Configuration and local renders are stored in a dedicated persistent data directory (`CLAUDE_PLUGIN_DATA`), separating the skill's state from the user's primary repository unless specifically requested otherwise.
- Content Security Policy (CSP) Compliance: The provided template and instructions acknowledge the strict CSP of the artifact environment, which blocks external network requests from the rendered page, further mitigating risks associated with data exfiltration from the viewer's browser.
Audit Metadata