The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill identifies .claude/project-context.md and .cursor/project-context.md as data ingestion points to understand the product context. While these are untrusted sources that could contain malicious instructions, the skill does not possess capabilities (like network access or shell execution) that could be exploited via this vector. Standard boundary markers for these files are assumed to be managed by the platform.
[DATA_EXPOSURE]: The skill reads project-specific context files to provide better advice. This is restricted to standard project metadata files and does not attempt to access sensitive system files or credentials.
[REMOTE_CODE_EXECUTION]: No remote code execution or external script downloads were found. All instructions are processed locally as natural language prompts.

pricing-page-generator