skf-analyze-source

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocesses to execute ast-grep for structural code analysis and the gh command-line tool for interacting with GitHub. These commands are used to identify code patterns, exports, and repository metadata.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to access remote repositories on GitHub using the gh API to retrieve release information and file contents during version detection.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it ingests and analyzes untrusted external source code, manifest files, and documentation.
    • Ingestion points: step-02-scan-project.md and step-04-map-and-detect.md read file structures, manifests, and source code content from the target project.
    • Boundary markers: No explicit instruction-ignoring delimiters are mentioned for the source code ingestion phase.
    • Capability inventory: The skill possesses subprocess execution (ast-grep, gh), file writing (report and brief generation), and network access capabilities.
    • Sanitization: No specific sanitization or filtering logic is described for the analyzed code content.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 6, 2026, 03:13 AM