improve-codebase-architecture

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses system-specific commands such as open, start, or xdg-open to launch the generated HTML architecture report in the user's default browser.
  • [EXTERNAL_DOWNLOADS]: The generated HTML reports include script and style references to Tailwind CSS and Mermaid.js, which are retrieved from well-known and widely used public CDNs.
  • [PROMPT_INJECTION]: The skill ingests untrusted codebase content which is subsequently rendered into an HTML report. The configuration of Mermaid with securityLevel: "loose" creates a surface for indirect prompt injection, as malicious Mermaid code in the analyzed codebase could potentially trigger script execution in the browser context.
  • Ingestion points: Project source code, domain glossaries, and Architectural Decision Records (ADRs) are read by the Explore subagent.
  • Boundary markers: There are no explicit delimiters or warnings used to prevent the agent from processing embedded instructions within the codebase content.
  • Capability inventory: The skill has permissions to write to the system temporary directory, execute local commands to display reports, and spawn additional subagents.
  • Sanitization: No explicit evidence of content sanitization or escaping is provided before the ingested data is interpolated into the HTML report template.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 18, 2026, 03:34 PM
Security Audit — agent-trust-hub — improve-codebase-architecture