The Agent Skills Directory

[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted project data to influence its output. * Ingestion points: Reads '.superstack/idea-context.md', '.superstack/build-context.md', and 'package.json'. * Boundary markers: Absent; the skill does not use delimiters to isolate external data from its primary instructions. * Capability inventory: The skill performs file writing (HTML slides) and network operations (telemetry via curl). * Sanitization: Absent; content from project files is directly incorporated into the generated slides.
[COMMAND_EXECUTION]: The skill uses shell scripts in SKILL.md for environment discovery (using find and cat) and telemetry management (using curl and grep). While these actions are aligned with the skill's purpose, they involve direct execution of shell commands.
[SAFE]: The skill implements an opt-in telemetry system that explicitly requests user consent before tracking non-sensitive metadata (e.g., skill name, status, and duration). The telemetry endpoint is dynamically retrieved from the user's local configuration.

create-pitch-deck