The Agent Skills Directory

[SAFE]: The skill is designed for operational maintenance and includes extensive defensive guidelines, such as pinning container images by digest, using non-root users, and enforcing supply chain guards (e.g., blocking untrusted postinstall scripts).
[EXTERNAL_DOWNLOADS]: The skill references standard installation methods for well-known development tools, such as the official Bun installation script (https://bun.sh/install). These references are educational and target well-known services.
[INDIRECT_PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection as it is designed to ingest and act upon project configuration files like package.json, lockfiles, and Dockerfiles. However, the instructions emphasize a 'DIAGNOSE' phase and mandatory build verification to mitigate accidental or malicious configuration changes.
Ingestion points: Project configuration files (package.json, pnpm-lock.yaml, Dockerfile, CI workflows) as specified in SKILL.md.
Boundary markers: None explicitly defined in the prompt instructions.
Capability inventory: Execution of shell commands for package management (pnpm, npm, yarn, uv), container operations (docker), and version control (git) across all reference scripts.
Sanitization: Relies on the 'TUNE' (diagnosis) and 'VERIFY' (testing) phases of the workflow to ensure changes are legitimate and safe.

gear