The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructions include running a local utility script (node bin/theme-css.js) to generate CSS variable blocks from YAML token files. This usage of the Bash tool is well-scoped within the intended primary purpose of the skill and does not involve executing untrusted or remote code.
[PROMPT_INJECTION]: The logic in SKILL.md and the supporting design files does not contain patterns associated with bypassing AI safety guardrails or overriding core agent instructions. Structural tags like <context> and <design-system> are used correctly for data organization.
[DATA_EXFILTRATION]: No network-related commands (e.g., curl, wget) or attempts to access sensitive system files (e.g., SSH keys, credentials) were detected. File system operations are confined to the skill's directory and the designated project output paths.
[INDIRECT_PROMPT_INJECTION]: The skill ingests data from local markdown and YAML files to generate summaries. While this represents an ingestion surface, the source files are part of the skill's distributed package, and the processing is restricted to condensing design philosophies into documentation.

gsp-style