gspdev-prompt-audit

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE

COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local shell script 'dev/scripts/audit-tests.sh' and utilizes the 'Write' tool to output analysis results to 'dev/reports/prompt-audit.md'. These operations are consistent with the skill's stated purpose as a developer tool.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by ingesting and analyzing untrusted content from external markdown files.
      • Ingestion points: The skill reads all files matching the patterns 'gsp/skills//SKILL.md' and 'gsp/agents/gsp-.md'.
      • Boundary markers: There are no delimiters or explicit instructions provided to the agent to ignore or treat the content of the analyzed files as data rather than instructions.
      • Capability inventory: The skill has access to powerful tools including 'Bash', 'Write', and the 'Agent' tool (allowing it to spawn other agents).
      • Sanitization: No sanitization, escaping, or validation of the ingested prompt content is performed before the agent processes it for semantic analysis.

Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 11, 2026, 04:01 AM