skills/gracdjd/skills/sdd-slim-fix/Gen Agent Trust Hub

sdd-slim-fix

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes 'Review Findings' from external specification files (*.spec.md) to drive its fixing logic, creating a surface for indirect prompt injection.
    - Ingestion points: The agent reads findings from fix.md and related *.spec.md files.
    - Boundary markers: The skill lacks explicit boundary markers or specific instructions to treat external finding data as untrusted content.
    - Capability inventory: The skill possesses the capability to modify source code files and execute local development tools including build scripts, linters, and type checkers.
    - Sanitization: No sanitization or validation of the input findings is performed before they are used to guide code modifications and execution.
  • [COMMAND_EXECUTION]: The skill is instructed to run validation steps such as lsp_diagnostics, typecheck, lint, and build. While these are standard development tasks, they represent a capability that could be leveraged maliciously if the input specification files are compromised.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 11:04 AM