skills/borkweb/skills/design-review/Gen Agent Trust Hub

design-review

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell scripts located at paths relative to the $CLAUDE_PLUGIN_ROOT environment variable, specifically clean-tree-check.sh and detect-base-branch.sh. These are used to verify the repository state and identify the base branch for diff analysis.
  • [COMMAND_EXECUTION]: The skill performs automated git commit operations during its 'Fix Loop' (Phase 8) to record design fixes atomically. This is an intended feature but grants the agent direct write-and-commit access to the repository.
  • [PROMPT_INJECTION]: The skill exposes a potential indirect prompt injection surface. It ingests untrusted data from external websites (via browser tools such as read_page and get_page_text) and from browser console logs, then uses that data to inform automated file edits and commits. The instructions specify no explicit boundary markers or sanitization logic for this data.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 16, 2026, 06:52 AM