xcodebuildmcp-structured-output-review

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute several shell commands for validation purposes, including npm run test:schema-fixtures, npm test, and npm run typecheck. These commands are used to verify schema correctness and code compatibility within the development environment.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx skill-check, which involves downloading and executing a package from the npm registry. While npx is a standard developer tool, it represents a dynamic dependency being fetched and run at runtime.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to inspect and process data from external documentation files hosted on xcodebuildmcp.com. This creates an attack surface where maliciously crafted external content could provide instructions to the agent.
    • Ingestion points: External .mdx files referenced in the "Files to inspect" section (e.g., schema-versioning.mdx, output-formats.mdx).
    • Boundary markers: None identified in the skill instructions to separate external data from system instructions.
    • Capability inventory: The skill has access to file system reading, local command execution (npm), and network-based package execution (npx).
    • Sanitization: No sanitization or validation of the external content is specified before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 16, 2026, 03:42 AM