The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill uses npx impeccable in reference/critique.md to perform automated design scans, which downloads and executes the package from the NPM registry at runtime.
[REMOTE_CODE_EXECUTION]: Instructions in reference/critique.md guide the agent to inject a script from the local server into active browser tabs using the javascript_tool. This enables dynamic script execution within the user's web application context.
[COMMAND_EXECUTION]: The script scripts/live-server.mjs starts a local HTTP server that listens on a port for browser events. Although it uses a session token for authentication, opening network listeners is a notable security surface.
[COMMAND_EXECUTION]: Multiple scripts (scripts/live-inject.mjs, scripts/live-wrap.mjs, scripts/live-accept.mjs) perform automated file system writes to project files. Additionally, scripts/live-inject.mjs can modify the project's Content-Security-Policy (CSP) meta tags to allow connections to the local helper server.
[COMMAND_EXECUTION]: The scripts/is-generated.mjs file uses execSync to run shell-based git commands to identify ignored files. scripts/live-poll.mjs also uses execFileSync to manage code accept/discard operations.
[COMMAND_EXECUTION]: Through scripts/pin.mjs, the skill can create and remove persistent skill files in the agent's environment, allowing it to register new standalone commands.
[PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection (Category 8) because it ingests data from local files like PRODUCT.md and DESIGN.md via scripts/load-context.mjs without boundary markers or sanitization, and has the capability to execute shell commands and write to files.

impeccable