skills/hubvue/skills/dev-workflow/Gen Agent Trust Hub

dev-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it is designed to ingest and process external task descriptions.
      * Ingestion points: User requests are captured in task.md, and research findings are documented in research.md.
      * Boundary markers: The skill uses standard Markdown structure as delimiters but does not include explicit instructions for the agent to ignore or neutralize commands embedded within the user-provided content.
      * Capability inventory: The implementation guidelines in references/phase-implement.md direct the agent to run system-level verification such as typecheck, tests, build, and lint.
      * Sanitization: No explicit methods for sanitizing, escaping, or validating the input data are defined in the instructions.
      * Mitigation: To reduce risk, the skill should include instructions to the agent to treat user-provided text as data only and ignore any embedded instructions.
  • [NO_CODE]: This skill consists entirely of Markdown-based procedural instructions, reference documentation, and task templates; it does not distribute any executable scripts, binaries, or source code.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 07:24 AM