skills/longcipher/pb-spec/pb-init/Gen Agent Trust Hub

pb-init

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the command git ls-files --others --cached --exclude-standard | head -200 to map the project structure. This is a standard and safe operation for project auditing within a development environment.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from the repository to inform its output.
      * Ingestion points: Reads contents from AGENTS.md, CLAUDE.md, README.md, the docs/ directory, and spec files (tasks.md, design.md).
      * Boundary markers: Absent; there are no instructions or delimiters to prevent the agent from obeying malicious instructions embedded within these files.
      * Capability inventory: The skill has the ability to execute shell commands (git) and write to the file system (AGENTS.md).
      * Sanitization: Absent; the skill does not validate or sanitize the text extracted from project files before using it to generate the architecture snapshot.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 03:57 PM