skills/breferrari/obsidian-mind/qmd/Gen Agent Trust Hub

qmd

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands and Node.js scripts to manage the local search index and read configuration files. Evidence: Instructions to execute the qmd CLI tool and a bootstrap script (scripts/qmd-bootstrap.ts) using Node.js. It also includes a shell snippet for reading the index name from vault-manifest.json.
  • [PROMPT_INJECTION]: The skill ingests data from external vault files during search operations, creating a surface for indirect prompt injection if the vault contains malicious instructions.
      • Ingestion points: Search results retrieved from the vault via mcp__qmd__query or the qmd CLI (SKILL.md).
      • Boundary markers: Absent; there are no instructions to the agent to treat search results as untrusted content or to ignore embedded instructions.
      • Capability inventory: The agent has access to shell execution (bash), file system reads, and potentially other tools depending on the environment.
      • Sanitization: None identified; the skill directly returns snippets from vault files to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 02:52 PM