The Agent Skills Directory

[DYNAMIC_EXECUTION]: The skill dynamically constructs and executes shell commands to run Python scripts (scripts/{domain-validator}.py) where the script name is supplied by the input Pipeline Spec JSON. This allows for execution from computed paths.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from the codebase and synthetic targets which is then interpolated into prompts for other agents.
Ingestion points: Test targets discovered from repository files (fixtures, codebase) or created as synthetic inputs in Phase 1.
Boundary markers: Absent. The target content is directly embedded into the invocation prompt for the Agent tool in Phase 2, Step 2.
Capability inventory: The skill has access to Bash, Write, Edit, and Agent tools, enabling a wide range of secondary actions.
Sanitization: Absent. While the skill performs structural validation (e.g., checking if a manifest exists), it does not sanitize or escape the content of the target files before passing them to the next agent in the chain.
[COMMAND_EXECUTION]: The skill uses the Bash tool to perform file system operations, directory creation (mkdir -p), and recursive file searches using ls, grep, and glob patterns.

pipeline-test-runner