printing-press-output-review

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the printing-press scorecard utility and provides instructions for a sub-agent to invoke the CLI binary at $CLI_DIR/<cli-name>-pp-cli to verify findings. This is legitimate behavior for a diagnostic review skill.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it analyzes untrusted output from external CLI commands.
      • Ingestion points: The skill reads command output samples from /tmp/output-review-livecheck.json (specifically the output_sample field).
      • Boundary markers: The prompt contract for the Reviewer Agent does not include explicit delimiters or instructions to treat the sampled output as untrusted data.
      • Capability inventory: The Reviewer Agent has access to the Agent tool and is explicitly authorized to execute the CLI binary.
      • Sanitization: No sanitization or escaping is performed on the sampled command output before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 06:48 PM