gsp-project-build

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses the Bash tool to execute project build commands (such as npm run build, next build, and vite build) and to verify local network state using lsof.
  • [EXTERNAL_DOWNLOADS]: Fetches and executes component libraries from the npm registry using npx shadcn@latest and @react-native-reusables/cli during the component implementation phase.
  • [DATA_EXFILTRATION]: Performs local network requests to localhost using curl to verify that the development server is rendering correctly and that design tokens are resolved.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface, because it ingests and interprets design and configuration files from the codebase that could contain malicious instructions.
    • Ingestion points: Reads screen design chunks (screen-*.md), project configuration (config.json), and brand guidelines (STYLE.md) into the agent's context.
    • Boundary markers: Uses internal XML-style tags (<context>, <objective>) to structure the skill's own logic, but provides no explicit delimiters around the processed data files and no instruction to ignore commands embedded in them.
    • Capability inventory: Accesses powerful tools, including shell execution via Bash, file system modification via Write, and sub-agent spawning via the Agent tool.
    • Sanitization: External file content is passed directly into component extraction and code generation, with no evidence of sanitization or input validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 04:01 AM