The Agent Skills Directory

[COMMAND_EXECUTION]: The skill invokes local Python scripts located at $HOME/.claude/skills/ui-ux-pro-max/scripts/search.py to gather design intelligence. This is an intended functional capability of the skill to utilize a design database.- [PROMPT_INJECTION]: The skill processes user-provided input through the $ARGUMENTS placeholder, which is encapsulated within <tasks> delimiters. This untrusted data is then used by the agent to determine parameters for the python3 command execution. While the agent acts as a buffer by interpreting intent to fill placeholders like <product-type>, this structure represents a potential surface for indirect prompt injection if the inputs are designed to influence command parameters. No sanitization logic for these inputs is explicitly defined in the skill instructions.

design-fast