ln-624-code-maintainability-hotspot-auditor

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes Bash and Grep tools to perform local filesystem scans for maintainability metrics, such as identifying deeply nested logic or excessively long functions. This behavior is consistent with its stated purpose as an auditing worker.
  • [INDIRECT_PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it processes untrusted local source code as its primary input.
    1. Ingestion points: Source code files are read through Grep, Glob, and mcp__hex-line tools during the scanning phase (SKILL.md Workflow).
    2. Boundary markers: No explicit delimiters are used, but the skill requires a 'Layer 2 context verification' step to manually confirm findings before reporting.
    3. Capability inventory: The agent has access to Read, Bash, and Grep tools.
    4. Sanitization: No specific sanitization or filtering of the code content is described in the workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 04:49 AM