candango-executor
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process data from an external issue tracker, as described in SKILL.md. This untrusted content is passed to subagents using the instructions in references/executor-prompt.md and references/validator-prompt.md without boundary markers or protective delimiters. This creates an indirect prompt injection surface: malicious content in an issue could manipulate the subagents into performing unauthorized code modifications.
- [COMMAND_EXECUTION]: The skill orchestrates the execution of user-defined or CI-discovered 'final validation' commands and allows subagents to run tests and implementation commands. This capability, while necessary for the skill's purpose, increases the potential impact of an injection attack, since malicious instructions from external sources could lead to the execution of harmful commands.
Audit Metadata