The Agent Skills Directory

[COMMAND_EXECUTION]: The reference guide references/icon-workflow.md specifies shell commands (qlmanage, mv) to be used for converting SVG icons to PNG. These are standard system utilities used for the stated task of asset management.
[PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes user-provided inputs like skill names that are then interpolated into shell commands.
Ingestion points: Skill names and SVG files in the assets/ directory.
Boundary markers: None present.
Capability inventory: Shell command execution via qlmanage.
Sanitization: No explicit sanitization or validation of the input is requested before execution.

skill-icon-workflow