The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute standard development commands, including rails db:migrate, rails generate, and bundle exec rspec, as part of its core workflow for application building and testing.
[SAFE]: The instructions explicitly mandate security best practices, requiring the use of sanitize_sql for database queries and Strong Parameters for controller logic to prevent SQL injection and mass-assignment vulnerabilities.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it processes external user requirements to generate code and execute shell commands.
Ingestion points: User-provided requirements, models, and real-time feature descriptions (SKILL.md).
Boundary markers: Absent; there are no specific delimited instructions to ignore embedded commands in processed data.
Capability inventory: High; the skill uses rails and bundle CLI tools for system modification and execution (SKILL.md).
Sanitization: Present; the skill includes explicit constraints to sanitize SQL and use parameterized queries.

rails-expert