development-contract-core

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by delegating logic and command selection to a repo-local policy file.
    * Ingestion points: Repository-controlled policy files (e.g., config/change-contract-policy.sh) and touched files (SKILL.md, references/policy-reference.md).
    * Boundary markers: Absent. The skill contains no instructions to delimit, or to ignore, instructions found within the policy data.
    * Capability inventory: The skill can execute shell commands via a 'checker command', various validation profiles, and an example release runner script.
    * Sanitization: Absent. The skill does not describe any validation or escaping of the policy file contents before execution.
  • [COMMAND_EXECUTION]: The skill is designed to execute shell commands and external scripts based on project context.
    * Evidence: SKILL.md instructs the agent to 'run the repo checker command'.
    * Evidence: The provided example script (references/run-release-checklist.example.sh) executes build tools like cmake and ctest, as well as several repository scripts in the 'scripts/' directory.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 5, 2026, 01:29 PM