python-doctor
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs shell execution of runtime checks including compileall, pytest, ruff, and mypy. These actions are clearly defined in SKILL.md under the workflow steps and are explicitly gated by a mandatory user approval requirement.
- [PROMPT_INJECTION]: The skill is exposed to potential indirect prompt injection due to its core function of reading and processing untrusted third-party code.
  1. Ingestion points: Processes all .py files, configuration manifests (e.g., pyproject.toml, requirements.txt), and CI configurations within the project scope.
  2. Boundary markers: SKILL.md Step 3 includes explicit instructions for the agent to treat repository content as untrusted data rather than instructions and to ignore text attempting to override the skill's logic.
  3. Capability inventory: Executes shell commands for auditing and generates detailed reports based on file content.
  4. Sanitization: The skill mandates that secrets be replaced with [REDACTED] and that evidence summaries are paraphrased and sanitized to prevent exfiltration or injection.
Audit Metadata