The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from the codebase to drive its logic. Maliciously crafted comments or code patterns could potentially trick the agent into deleting unintended files or bypassing its own safety constraints.
Ingestion points: Project source files identified and read using Glob, Grep, and Read tools.
Boundary markers: No specific delimiters or instructions are used to separate the analyzed code from the agent's instructions.
Capability inventory: The skill possesses the Edit capability to delete files and the Bash capability to execute system commands.
Sanitization: There is no evidence of sanitization or filtering of the code content before it is processed by the agent.
[COMMAND_EXECUTION]: The skill's verification phase automatically executes build, test, and lint commands based on the detected project environment (e.g., npm run build, go test). This involves executing scripts defined in local configuration files like package.json, which could be exploited if the project being analyzed is malicious.

dead-code-cleanup