The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes multiple shell commands to detect project context and inspect files, including using jq to parse JSON and grep to scan for compatibility issues in source code.
[EXTERNAL_DOWNLOADS]: Fetches and runs official Grafana utilities (@grafana/create-plugin, @grafana/react-detect) from the npm registry using npx to automate migration tasks.
[REMOTE_CODE_EXECUTION]: Uses npx to download and execute code from the remote registry at runtime. These tools are provided by the official vendor and are essential for the migration workflow.
[COMMAND_EXECUTION]: Orchestrates migration steps through package manager commands (npm, yarn) to install dependencies, update project structure, and execute build and test suites.
[PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it reads and processes external source code and configuration data.
Ingestion points: Reads files in src/, package.json, and plugin.json (Step 1, Step 2, Step 8).
Boundary markers: Absent; the instructions do not use delimiters or provide safety warnings when the agent processes file content.
Capability inventory: Full shell access for dependency management, build processes, and git state manipulation.
Sanitization: No validation or filtering is performed on the ingested code before it is passed to subsequent tools or commands.

react-19-plugin-migration