flash-idf

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes external commands to interact with the ESP-IDF toolchain and system hardware.
  • Evidence: The script scripts/idf_flasher.py calls idf.py for flashing and erasing operations, and uses powershell on Windows to detect serial ports.
  • Execution Safety: Commands are invoked using subprocess.run with argument lists rather than raw shell strings, which effectively prevents shell injection vulnerabilities.
  • [PROMPT_INJECTION]: The skill ingests data from the local project environment to configure its behavior.
  • Evidence: It reads the sdkconfig file to check for JTAG configuration flags (CONFIG_ESP_CONSOLE_USB_SERIAL_JTAG).
  • Risk Assessment: This ingestion is limited to specific string matching for configuration purposes and does not interpolate untrusted content into the agent's core instructions, mitigating risks of indirect prompt injection.
  • [DATA_EXPOSURE]: The skill accesses local project files and hardware device paths.
  • Scope: Access is restricted to firmware build artifacts (build/flasher_args.json) and system serial ports (e.g., /dev/ttyUSB0), which is strictly aligned with its primary purpose of hardware flashing.
Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 02:26 PM