ai-repo-setup
Warn
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends the global installation of the opensrc CLI tool via npm (npm i -g opensrc). This tool is not provided by an established or well-known service, and its installation introduces an external dependency from an unverified source into the user's environment.
- [COMMAND_EXECUTION]: The skill provides templates for bash scripts and JavaScript/TypeScript plugins to be used as hooks for Claude Code and OpenCode. These scripts are designed to intercept and filter tool calls, which is a powerful capability that involves the generation and local execution of code that can block or permit agent actions.
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by establishing a workflow where the agent reads and implements instructions from docs/REQUIREMENTS.md, docs/BUSINESS-RULES.md, and external issue trackers (e.g., Linear, Jira). The templates provided for these sources do not include boundary markers or warnings to disregard embedded instructions, potentially allowing malicious content in these data sources to override agent behavior.
  - Ingestion points: docs/REQUIREMENTS.md, docs/BUSINESS-RULES.md, and external issue tracker APIs (Linear, Jira).
  - Boundary markers: Absent. No specific delimiters or instructions to ignore nested directives are included in the documentation templates.
  - Capability inventory: The agent is granted full implementation capabilities, including file system access (writing code) and shell command execution.
  - Sanitization: Absent. The agent is directed to use external requirement descriptions as the primary source of truth for its implementation tasks.
Audit Metadata