systematic-debugging

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a utility shell script, find-polluter.sh, which automates the process of identifying tests that create unwanted files or state. This script executes arbitrary local code via npm test on files discovered through a user-provided search pattern.
  • [DATA_EXFILTRATION]: The SKILL.md file provides diagnostic examples for investigating multi-component systems, specifically for build and signing issues. These examples include commands that access sensitive data, such as environment variables (env | grep IDENTITY) and macOS keychain metadata (security list-keychains, security find-identity). While intended for local troubleshooting, these are patterns associated with credential exposure.
  • [PROMPT_INJECTION]: The skill describes a data-gathering process that involves analyzing external sources such as error messages, stack traces, and logs from various system components. This creates an indirect prompt injection surface where an attacker could embed malicious instructions within the logs or error data processed by the agent.
    • Ingestion points: SKILL.md instructs the agent to read and analyze error messages, stack traces, and logs from component boundaries in Phase 1.
    • Boundary markers: No specific boundary markers or instructions to ignore embedded commands within the ingested data are provided.
    • Capability inventory: The skill possesses the capability to execute shell commands (find-polluter.sh) and access the local file system.
    • Sanitization: There are no instructions for sanitizing or validating the contents of the logs or error messages before they are processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 02:48 PM