The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructions include a requirement for the agent to execute mkdir -p .aix to ensure a specific directory exists before writing artifacts. This is a low-risk command used for project organization.
[INDIRECT_PROMPT_INJECTION]: The skill processes user-selected code or queries via the ${selection} variable.
Ingestion points: Untrusted data enters the agent context through the ${selection} placeholder in SKILL.md.
Boundary markers: None are present to delimit the untrusted selection from the agent's instructions.
Capability inventory: The skill includes instructions to execute shell commands (mkdir) and perform file-writing operations to the .aix/ directory.
Sanitization: No explicit sanitization or validation of the input selection is defined in the instructions.

sql-optimization