The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses dynamic context injection to execute shell commands at load time. Specifically, it runs git diff to identify modified files and a brief node script to read the test runner command from the project's package.json file. These are standard, low-risk development operations used for environment discovery.
[PROMPT_INJECTION]: The skill is designed to read and process external source code, creating an indirect prompt injection surface. Mandatory Evidence Chain: (1) Ingestion points: Target files identified in the Scope step; (2) Boundary markers: None explicitly defined; (3) Capability inventory: Shell access via the agent's tools to execute identified test runners; (4) Sanitization: None present. The highly structured workflow of auditing followed by a strict red-green-refactor loop significantly reduces the likelihood of the agent following instructions embedded in the target code.
[DATA_EXFILTRATION]: There are no indicators of network activity targeting external domains or attempts to access sensitive files such as SSH keys, cloud provider configurations, or environment variables.

harden