The Agent Skills Directory

[PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill requires the agent to audit project files and configuration to identify executable oracles (Step 1). This ingestion of untrusted external data, combined with the capability to execute shell commands and modify code in subsequent steps (Step 6), creates a surface for indirect prompt injection. * Ingestion points: SKILL.md (Step 1: Audit) reads project directory structure and configuration files. * Boundary markers: Absent; no specific delimiters or 'ignore' warnings are provided for the audited content. * Capability inventory: High; includes terminal execution (tests, linters, tools) and file system modification (implementation steps) in SKILL.md (Step 6). * Sanitization: Absent; the skill does not instruct the agent to sanitize or validate project file names or contents before processing.
[EXTERNAL_DOWNLOADS]: Dependency Reference. The skill suggests using several third-party developer tools and libraries (e.g., Semgrep, Atheris, Hypothesis, Stryker) to validate code quality. These are well-known, legitimate industry tools used for software testing and analysis.

zero-dof