skills/marcioaltoe/skills/tanstack/Gen Agent Trust Hub

tanstack

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection as it requires the agent to read and analyze external codebases which may contain malicious instructions nested in code comments or project data.
    • Ingestion points: The agent utilizes Read, Grep, and Glob tools to ingest content from user-provided project files as described in the allowed-tools of SKILL.md.
    • Boundary markers: There are no explicit instructions or delimiters provided within the skill to help the agent distinguish between its core instructions and potentially adversarial content within the files it analyzes.
    • Capability inventory: The agent is empowered to read local files and execute development scripts such as pnpm run test or pnpm run typecheck as indicated in the reference checklists.
    • Sanitization: The skill lacks guidance on sanitizing or validating ingested code content before it is incorporated into the agent's reasoning process or used to suggest modifications.
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 02:07 AM