Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes magick (ImageMagick) commands to resize and convert images. It also uses which to check for the tool's presence and cp for file management. These are standard operations for image processing tasks.
  • [EXTERNAL_DOWNLOADS]: Recommends installing ImageMagick via official and trusted package managers such as Homebrew (brew) and APT (apt). This is a legitimate prerequisite setup and does not involve untrusted remote code execution.
  • [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface by reading application names from project files like package.json and config/application.rb and interpolating them into HTML layout files. However, this is expected behavior for a project scaffolding tool and the risk is considered low.
    Evidence Chain for Category 8:
      • Ingestion points: package.json (name field), config/application.rb (module name), and current directory name.
      • Boundary markers: Absent.
      • Capability inventory: File modification using Write and Edit tools to update HTML and manifest files.
      • Sanitization: Implements basic title case conversion for resolved names.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 05:40 AM