The Agent Skills Directory

[COMMAND_EXECUTION]: The workflow executes multiple shell-based commands including git (for repository management), ast-grep (for structural analysis), ccc (for rename detection), and qmd (for semantic context). These are used to determine differences between the skill's documentation and the current code state.
[EXTERNAL_DOWNLOADS]: In step-01-init.md, the skill performs a git fetch operation to retrieve upstream tags and commit history. This involves network connectivity to remote Git repositories to detect if the source has moved since the skill was created.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from external SKILL.md files and source code. Maliciously crafted instructions within these processed files could potentially influence the agent's behavior during the audit process. The instructions lack explicit data sanitization or the use of boundary markers (e.g., XML tags) to isolate untrusted content from the system instructions.

skf-audit-skill