The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill directs the agent to install the pantagruel toolchain from a third-party GitHub repository (subsetpark/pantagruel) and fetch documentation from the same source. This involves downloading code and assets from an unverified external entity.- [REMOTE_CODE_EXECUTION]: The instructions require the agent to extract generated specification strings into temporary files and execute them using the pant toolchain. Installing and running software from untrusted third-party repositories is a high-risk operation.- [COMMAND_EXECUTION]: The agent is instructed to execute shell commands such as brew tap, brew install, and pant for toolchain setup and specification verification. It also mentions running JSON schema validators like ajv.- [PROMPT_INJECTION]: The skill processes user-provided specification files, which presents a surface for indirect prompt injection.
Ingestion points: The agent reads the full contents of files located at user-provided paths (specFile).
Boundary markers: No specific boundary markers or instructions to ignore embedded commands are provided for the ingested content.
Capability inventory: The agent has capabilities for filesystem writes and shell command execution (pant).
Sanitization: There is no evidence of sanitization or validation of the external content before it is parsed and used to influence the agent's output.

write-gameplan