research-codebase

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the !`command` syntax in its SKILL.md file to execute shell commands such as date, git rev-parse, and basename. These commands serve the legitimate purpose of automatically populating metadata (timestamps, commit hashes, branch names) in research documents. The skill also instructs the agent to use git and the GitHub CLI (gh) for repository status and permalink generation.
  • [EXTERNAL_DOWNLOADS]: The instructions recommend using curl and bunx @playwright/cli to retrieve external documentation and resources. These fetches target well-known documentation sources and use established developer tools to obtain AI-optimized content (e.g., an llms.txt file or a Markdown rendering of a page).
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes user research questions and reads external codebase and web content. Ingestion points: user-provided arguments and codebase files read via the readFile tool. Boundary markers: the skill uses structured YAML frontmatter and Markdown headers to organize the synthesized research. Capability inventory: the framework spawns sub-agents, reads files, and makes network requests. Sanitization: the skill includes an explicit step that refines and optimizes the research question using prompt-engineering techniques, which improves clarity and reduces misinterpretation of the question; no equivalent filtering of the ingested codebase or web content is described.
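As an added illustration of the [COMMAND_EXECUTION] and [EXTERNAL_DOWNLOADS] checks above (example code written for this page, not part of the audit report or of the research-codebase skill), the following Python script enumerates every command a SKILL.md would run, including commands hidden inside $(...) substitutions, and sorts them into the allowlisted metadata commands the report names, network-fetching tools, and anything else that needs a human reviewer. It assumes the dynamic command syntax is a `!` immediately followed by a single-backtick span, as described above; the SKILL.md excerpt, the allowlist and the set of network tools are constructed for the example.

```python
import re
import shlex
from collections import Counter
from dataclasses import dataclass

# Constructed SKILL.md excerpt for this example. It is not the audited
# research-codebase skill's own file; it only mirrors the command shapes the
# audit report describes (date, git rev-parse, basename, curl, bunx).
SAMPLE_SKILL_MD = """\
---
name: research-codebase
generated: !`date -u +%Y-%m-%dT%H:%M:%SZ`
commit: !`git rev-parse --short HEAD`
branch: !`git rev-parse --abbrev-ref HEAD`
repo: !`basename "$(git rev-parse --show-toplevel)"`
---
Fetch AI-optimized docs: !`curl -sL https://example.com/llms.txt`
Render a page: !`bunx @playwright/cli screenshot https://example.com`
"""

# Assumed syntax: a '!' immediately followed by a single-backtick span runs
# the span as a shell command when the skill is loaded.
CMD_RE = re.compile(r"!`([^`\n]+)`")
# A command substitution hides a second command inside the first one.
SUBST_RE = re.compile(r"\$\(([^()]+)\)")

# Command prefixes the audit treats as legitimate metadata population
# (assumed allowlist for this example).
METADATA_ALLOWLIST = {("date",), ("git", "rev-parse"), ("basename",)}
# Programs that reach the network; each needs a reviewer to confirm the target.
NETWORK_FETCHERS = {"curl", "wget", "bunx", "npx", "gh"}


@dataclass
class Finding:
    command: str
    category: str   # "metadata", "network" or "unreviewed"
    nested: bool    # True when found inside a $(...) substitution


def classify(command: str) -> str:
    """Bucket one shell command by its leading program (and subcommand)."""
    try:
        tokens = shlex.split(command)
    except ValueError:
        return "unreviewed"       # unbalanced quotes: make a human look at it
    if not tokens:
        return "unreviewed"
    if tokens[0] in NETWORK_FETCHERS:
        return "network"
    for prefix in METADATA_ALLOWLIST:
        if tuple(tokens[:len(prefix)]) == prefix:
            return "metadata"
    return "unreviewed"


def scan_skill(text: str) -> list[Finding]:
    """Enumerate every command a SKILL.md would run, nested ones included."""
    findings = []
    for command in CMD_RE.findall(text):
        findings.append(Finding(command, classify(command), nested=False))
        for inner in SUBST_RE.findall(command):
            findings.append(Finding(inner, classify(inner), nested=True))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Counts per category, so a report can state what still needs review."""
    counts = Counter(f.category for f in findings)
    return {k: counts.get(k, 0) for k in ("metadata", "network", "unreviewed")}


if __name__ == "__main__":
    results = scan_skill(SAMPLE_SKILL_MD)
    for f in results:
        print(f"{f.category:10} {'(nested) ' if f.nested else ''}{f.command}")
    print(summarize(results))
```

Run against the constructed excerpt, the scanner reports five metadata commands (four top-level plus the git rev-parse nested inside the basename call) and two network fetches, with nothing left unreviewed. Any command that falls outside both sets, for example a git subcommand other than rev-parse, is deliberately left in the "unreviewed" bucket rather than silently accepted.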
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 04:39 PM