flows-app-brief

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE

Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git config to retrieve the user's name, email, and the repository's origin URL for metadata population. It also runs npx @cognite/cli to pull the latest versions of review skills used in the certification workflow.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to fetch and execute the latest version of the @cognite/cli tool from the npm registry. This is a standard operation within the vendor's development ecosystem to ensure the latest tooling is used.
  • [PROMPT_INJECTION]: The skill performs an automated pre-scan of the repository, reading data from app.json, package.json, README.md, and project specifications (specs/**/*.md). This exposes an indirect prompt injection surface where malicious repository content could attempt to influence the agent's behavior. Ingestion points: app.json, package.json, README.md, and specs/**/*.md. Boundary markers: the instructions do not specify delimiter-based markers for the read content. Capability inventory: Bash, Write, AskQuestion. Sanitization: no explicit sanitization is described. However, the risk is mitigated by a mandatory human-in-the-loop requirement: the agent must present all scanned values as drafts and obtain explicit user confirmation via AskQuestion before saving any data to the final App-Brief.md file.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 16, 2026, 11:21 AM
Security Audit — agent-trust-hub — flows-app-brief