best-practices

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates as a prompt engineering assistant, leveraging built-in tools like Grep, Glob, and the Task agent orchestration to provide high-quality transformations. Its operations are transparent and well-documented.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it ingests content from the local codebase to provide context for prompt transformation. This is inherent to the tool's core functionality and is dropped in severity due to the skill's primary purpose and inclusion of safety documentation.
      • Ingestion points: agents/codebase-context-builder.md reads files from the user's codebase using Grep, Glob, and Read tools.
      • Boundary markers: The agent prompts do not implement explicit delimiters or 'ignore instructions' warnings when integrating codebase content into the model's context.
      • Capability inventory: The agents have access to Bash, Read, Grep, Glob, and the Task tool for parallel execution.
      • Sanitization: No explicit sanitization or filtering of the ingested code content is performed before it is processed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 01:12 PM