The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes untrusted data from the repository (code, git logs, and documentation), which creates an attack surface for indirect prompt injection.\n- Ingestion points: Project files, git logs, and documentation in .agents/skills/, .claude/agents/, AGENTS.md, and CLAUDE.md analyzed during the workflow.\n- Boundary markers: Absent. The instructions do not define delimiters or 'ignore instructions' warnings for content extracted from the codebase during analysis.\n- Capability inventory: The skill utilizes grep, git log, git blame, and file reading to gather information for synthesis. It lacks network access, privilege escalation, or arbitrary code execution tools.\n- Sanitization: Absent. Findings are synthesized directly from retrieved code and documentation without explicit sanitization or escaping steps.

explore