prp-codebase-explorer-agent

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill suggests using standard shell utilities such as find, grep, ls, and tree to locate files and content. These commands are used as intended for filesystem exploration within the agent's environment.
  • [DATA_EXPOSURE]: The instructions guide the agent to locate configuration files, explicitly mentioning .env and appsettings files. While identifying these files is part of mapping a codebase's structure, it represents a surface where sensitive environment variables could be accessed if the agent reads the file contents.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to read and summarize content from external sources (the files in the codebase). A malicious file could contain instructions intended to influence the agent's behavior. However, the skill includes strict 'Critical Principles' and 'What NOT To Do' guidelines that explicitly forbid the agent from deviating from its documentation role.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 11:09 AM