The Agent Skills Directory

[COMMAND_EXECUTION]: The skill invokes external command-line tools and local scripts to process diagrams. Specifically, the conversion script scripts/convert-drawio-to-png.sh executes drawio for export and git for staging files, while SKILL.md directs the agent to execute mise, pre-commit, and node for maintenance tasks.
[PROMPT_INJECTION]: The skill's 'Self-Update Protocol' in SKILL.md (Section 13) establishes a mechanism for indirect prompt injection by allowing external data to modify the skill's behavior.
Ingestion points: Data is ingested from .drawio XML source files (specifically mxCell attributes).
Boundary markers: The protocol lacks delimiters or specific warnings to ignore instructions embedded within the diagram data.
Capability inventory: The skill can modify its own reference files and append new rules to its main instruction file (SKILL.md), and it also utilizes shell execution capabilities.
Sanitization: Content extracted from diagram files is not subjected to validation or sanitization before being incorporated into the skill's markdown files.

drawio-local