nodejs-containers

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes project-specific files such as package.json and source code, which form an untrusted data ingestion surface common in development workflows.
  • Ingestion points: Project configuration files including package.json, package-lock.json, and source code directories are copied into the container context as described in SKILL.md and REFERENCE.md.
  • Boundary markers: Absent; the skill does not specify delimiters or instructions to ignore embedded prompts in processed data.
  • Capability inventory: The skill leverages the Bash tool to execute docker build, npm ci, and other build-related commands that process the ingested files.
  • Sanitization: Absent; content from the project files is used directly within the container build process and shell environment.
  • [EXTERNAL_DOWNLOADS]: The skill references official container images and well-known developer tools.
  • Fetches official images from Docker Hub (node:20-alpine, nginx:1.27-alpine) and Google Container Registry (gcr.io/distroless/nodejs20-debian12).
  • Recommends installing standard package management tools like pnpm and turbo from the official npm registry.
  • [COMMAND_EXECUTION]: The skill provides a library of CLI commands for image management and security auditing.
  • Provides commands for building containers (docker build), inspecting image layers (docker history), and running production vulnerability audits (npm audit).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 14, 2026, 05:17 PM
Security Audit — agent-trust-hub — nodejs-containers