The Agent Skills Directory

[COMMAND_EXECUTION]: The skill allows the use of the Bash tool to execute Node.js scripts located in the references/scripts/ directory. These scripts implement a sophisticated state management and reporting system for 'runtime artifacts.' Analysis of the JavaScript code shows standard filesystem operations using the node:fs module for atomic writes and report management within the .hex-skills/ directory.
[DATA_EXFILTRATION]: No network-capable code or instructions (such as curl, wget, or fetch) were found within the skill's scripts or documentation. The system operates entirely on local files and project documentation.
[PROMPT_INJECTION]: The skill uses 'MANDATORY READ' directives to load local configuration and guide files. These instructions are standard for the hex-skills framework and do not contain patterns aimed at bypassing agent safety constraints or extracting system prompts.
[INDIRECT_PROMPT_INJECTION]: As an auditor of documentation (including AGENTS.md and CLAUDE.md), the skill has an inherent ingestion surface for untrusted content. However, the instructions specifically guide the agent to evaluate this content against semantic standards (e.g., checking for 'OFF_TOPIC' or 'SCOPE_CREEP') rather than executing embedded commands, providing a functional boundary.
[DYNAMIC_EXECUTION]: While the skill involves complex Node.js logic for orchestrating audit phases, it relies on structured JSON parsing (JSON.parse) rather than dangerous dynamic evaluation (eval or exec). The process management logic (process.kill) is used legitimately for checking process health during cleanup phases.

ln-612-semantic-content-auditor