prd-v06-environment-setup

Fail

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill includes examples and instructions that pipe remote scripts directly into shell interpreters (bash and sh). Specific examples include the installation scripts for the nvm and mise version managers.
  • [EXTERNAL_DOWNLOADS]: The skill references external URLs to fetch installation scripts and tools, including raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh, mise.jdx.dev/install.sh, and mise.run.
  • [COMMAND_EXECUTION]: The skill provides numerous instructions for the agent to execute system commands for environment setup, package management, and verification. This includes tools such as brew, apt, npm, pip, go, and make.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its ingestion of external decision files.
      • Ingestion points: The skill consumes data from technical stack selections (TECH-*) and architecture decisions (ARC-*) to populate environment specifications in SKILL.md.
      • Boundary markers: No specific delimiters or warnings are used to isolate or ignore instructions embedded within these source files.
      • Capability inventory: The skill documentation encourages the generation and execution of shell commands, file modifications, and package installations across all included files.
      • Sanitization: There is no evidence of sanitization or validation of the input data from TECH- or ARC- files before it is interpolated into executable script templates.
Recommendations
  • HIGH: Downloads and executes remote code from: https://mise.jdx.dev/install.sh, https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh - DO NOT USE without thorough review
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 12, 2026, 09:42 PM