skills/cycleuser/skills/power-iterate/Gen Agent Trust Hub

power-iterate

Warn

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: MEDIUM · PROMPT_INJECTION · COMMAND_EXECUTION · REMOTE_CODE_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements 'Four No Principles' (No asking, No clarifying, No interrupting, No reporting intermediate steps) in SKILL.md and rules/autonomous-loop.md. These instructions explicitly bypass human-in-the-loop safety and interaction protocols by commanding the agent to 'use best practice decision-making' instead of seeking user confirmation. This reduces oversight and increases the risk of the agent executing harmful actions based on misinterpreted or malicious inputs.
  • [COMMAND_EXECUTION]: The execution logic in rules/autonomous-loop.md specifies automatic code validation using system commands such as 'python -m py_compile' and dynamic module imports. These operations are performed autonomously on code generated by the agent during the iteration cycle.
  • [REMOTE_CODE_EXECUTION]: In rules/autonomous-loop.md, the 'Error classification and response' section instructs the agent to 'try install' dependencies if an import error occurs. This behavior implies the dynamic installation of unverified third-party packages from public registries at runtime without user review.
  • [PROMPT_INJECTION]: The skill creates a significant surface for indirect prompt injection as it is designed to ingest and process arbitrary user-provided tasks with full autonomy and high-privilege capabilities.
      • Ingestion points: The 'Phase 1: Autonomous understanding' section in SKILL.md takes 'a sentence or a paragraph' from the user as the primary input for the iteration loop.
      • Boundary markers: None are present; the skill is instructed to 'supplement default values' and 'make assumptions' regarding user intent rather than isolating or sanitizing the input.
      • Capability inventory: The agent has access to file system writes, subprocess execution (compilation checks), and package installation as defined in the autonomous loop rules.
      • Sanitization: No validation or sanitization mechanisms for the user-supplied task descriptions are mentioned.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 9, 2026, 04:54 PM