loci-preflight

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE

COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute multiple shell commands to facilitate code analysis. This includes invoking a compiler (e.g., gcc, clang) with specific flags, running an assembly analysis tool (asm-analyze-cmd), and executing a local Python script (loci_stats.py) to record session statistics. These commands are constructed using variables derived from local project configuration files and session metadata.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) as it processes data from untrusted or external sources to influence agent reasoning and command construction.
      • Ingestion points: Project configuration from state/project-context.json, session reminders, and structured JSON output from the asm-analyze tool.
      • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands within the processed tool outputs were identified.
      • Capability inventory: The agent has the capability to execute shell commands (compilation, analysis scripts, Python) and interact with an MCP server.
      • Sanitization: The skill does not specify sanitization or validation routines for data ingested from the project context or analyzer outputs before they are used to generate command-line arguments or influence the logic of the preflight report.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 07:48 AM