The Agent Skills Directory

[PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads and processes data from external files (engineering docs and build configs). However, the risk is restricted by the skill's limited capabilities and lack of network access.
Ingestion points: Files within the .chalk/docs/engineering/ directory and codebase configuration files like webpack.config.js or next.config.js.
Boundary markers: None mentioned for isolating processed data from instructions.
Capability inventory: The skill uses Read, Glob, Grep, and Write tools to process text and generate markdown reports.
Sanitization: No sanitization or validation of the ingested file content is specified.

audit-performance