The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses git diff and git diff --staged to identify modified files and extract patterns for convention analysis. These are standard read-only operations for development tooling.
[DATA_EXFILTRATION]: There are no network calls or external data transfers. The skill's operations are confined to the local project environment.
[CREDENTIALS_UNSAFE]: No hardcoded credentials or access to sensitive configuration files (e.g., .env, .aws/credentials) were observed.
[PROMPT_INJECTION]: The instructions are task-oriented and do not contain attempts to bypass safety filters or override core agent behavior.
[INDIRECT_PROMPT_INJECTION]: The skill processes project source code and git diffs as input.
Ingestion points: Project source files, test files, and git diff output (SKILL.md Step 2).
Boundary markers: None explicitly defined in the prompt interpolation logic.
Capability inventory: File system write access to .agents/coding-conventions.md.
Sanitization: Implements a mandatory user confirmation step (SKILL.md Step 6) before applying changes that reflect inferred user intent or drift, preventing automated exploitation via malicious code patterns.

sync-coding-conventions