The Agent Skills Directory

[COMMAND_EXECUTION]: The skill directs the agent to execute shell commands such as 'ng build', 'ng version', and 'ng new'. Executing commands that incorporate user-provided parameters like '' carries inherent risk.
[PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection or command injection by interpolating user-provided project names directly into shell commands in 'SKILL.md'. * Ingestion points: User-supplied '' in 'SKILL.md'. * Boundary markers: Absent. * Capability inventory: Shell command execution via 'npx' and 'ng'. * Sanitization: No sanitization of the project name is specified before command execution.
[EXTERNAL_DOWNLOADS]: The skill utilizes 'npx' to download the Angular CLI from the NPM registry, which is an established and official service for software distribution.

angular5-typescript2.5