The Agent Skills Directory

[PROMPT_INJECTION]: The skill acts as an orchestrator that processes untrusted project source code, creating an indirect prompt injection surface where malicious instructions in comments or code could influence the agent's behavior.
Ingestion points: Source files in the target project directory and metadata in .ui-convert/progress.json.
Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded content in the processed files.
Capability inventory: The skill orchestrates sub-skills with capabilities for file system writes and Model Context Protocol (MCP) tool execution.
Sanitization: No sanitization or validation of the ingested file content is described in the coordinator logic.

ui-convert-coordinator