The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the genkit-cli and official plugins such as @genkit-ai/google-genai and @genkit-ai/next from standard NPM registries. These are verified resources provided by the vendor.
[COMMAND_EXECUTION]: Leverages the genkit CLI for documentation retrieval (genkit docs:search), flow testing (genkit flow:run), and development server management. These operations are transparent and consistent with the skill's purpose.
[PROMPT_INJECTION]: Includes instructions for the agent to prioritize current external documentation over its internal pre-trained knowledge to ensure accuracy after major API breaking changes. This is standard instructional steering for model correctness.
[CREDENTIALS_UNSAFE]: Explicitly recommends using environment variables for sensitive keys like GEMINI_API_KEY and warns against hardcoding secrets, adhering to security best practices.
[PROMPT_INJECTION]: The skill defines patterns for building applications that ingest user data via Zod schemas. While this creates an inherent surface for indirect prompt injection in the target application, the skill mitigates this by promoting structured input validation and schema descriptions.

developing-genkit-js