skill-visual-feedback

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No evidence of malicious behavior, data exfiltration, or obfuscation was found in the skill instructions.
  • [COMMAND_EXECUTION]: The skill defines patterns for using local shell commands like grep and glob to locate UI components and styling definitions. It also suggests running npm run dev for visual verification. These are standard development tasks.
  • [PROMPT_INJECTION]: The skill is designed to process untrusted user input (visual descriptions) to perform code modifications, which represents an indirect prompt injection surface.
    • Ingestion points: User text descriptions provided alongside screenshots (e.g., "[Image X] The /settings should be Y") enter the agent's context through visual feedback tasks.
    • Boundary markers: Absent; the instructions do not define specific delimiters to isolate user-provided text from the agent's internal logic.
    • Capability inventory: The agent has access to grep for searching, file editing tools for code modification, and npm for running scripts.
    • Sanitization: Absent; the skill does not mandate validation or filtering of the user's visual feedback descriptions before the agent acts upon them.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 06:35 AM