The Agent Skills Directory

[COMMAND_EXECUTION]: The skill invokes local utility scripts, validate-yaml.py and search-yaml.py, to ensure the structural integrity of generated documentation manifests and to identify outdated entries. These commands are executed as part of the standard operational workflow and target local project files.
[PROMPT_INJECTION]: The skill processes project source code as untrusted input to extract API signatures and metadata, which creates an indirect prompt injection surface. Malicious content within the source code (e.g., in comments) could theoretically attempt to influence the agent's behavior during the document generation process.
Ingestion points: The skill reads source code files specified by the source_root and source_files parameters in SKILL.md.
Boundary markers: Documentation is generated using structured YAML frontmatter and Markdown templates defined in reference.md, which helps isolate extracted content.
Capability inventory: The skill has permissions to read source files, write documentation to the docs/api/ directory, and execute local validation scripts.
Sanitization: The instructions do not specify explicit sanitization or filtering of the source code content before it is processed by the agent.

cs-libdoc