code-qualities-assessment

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE

Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: scripts/assess.py executes the command git diff --name-only HEAD using subprocess.run to identify modified files when the --changed-only flag is used. This operation is limited to a hardcoded command.
  • [PROMPT_INJECTION]: The skill ingests untrusted source code for analysis, exposing an indirect prompt injection surface (Category 8). An attacker could craft source code that, when processed, biases the assessment metrics to influence downstream agent actions.
    • Ingestion points: Source code files are read by scripts/assess.py based on the --target argument.
    • Boundary markers: The assessment reports generated in markdown or JSON do not use delimiters or instructions to prevent the agent from interpreting instructions embedded within the analyzed code metrics.
    • Capability inventory: The skill performs file system read/write operations and executes git via subprocess.run (in scripts/assess.py).
    • Sanitization: scripts/assess.py implements path traversal validation to ensure target files reside within the current working directory, though it does not sanitize the content of the files themselves.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 03:46 PM