generate-bio

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from an external configuration file and user responses without implementing sanitization or boundary markers.
      • Ingestion points: Professional context from ~/.devadvokit.md and user Q&A responses.
      • Boundary markers: Data is used directly without delimiters or clear instructions to isolate it from system commands.
      • Capability inventory: The skill is limited to text generation; it does not request or use capabilities for network operations or file system writes.
      • Sanitization: No validation or sanitization is performed on the ingested configuration or user input.
  • [PROMPT_INJECTION]: The skill uses instructions to read silently and silently rewrite output, concealing internal operations from the user. While intended for quality assurance, instructions that hide an agent's reasoning or actions can be leveraged for malicious concealment.
  • [SAFE]: Accesses the files ~/.devadvokit.md and ../../shared/ai-antipatterns.md. These file operations are intended for context gathering and stylistic enforcement and do not target sensitive credentials or system-critical directories.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 03:50 PM