frontend-checklist-global
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted input from code snippets and external web pages through the review_code and audit_url tools. This creates an indirect prompt injection surface where malicious instructions hidden in the audited content could attempt to influence the agent's behavior.
  * Ingestion points: Data enters the context via code snippets (review_code) and rendered HTML from external websites (audit_url).
  * Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands in the data being audited.
  * Capability inventory: The skill uses tools for auditing and remediation guidance (get_rule, fix_rule) but does not have the capability to write files, execute subprocesses, or perform arbitrary network operations.
  * Sanitization: There is no mention of sanitizing or escaping the content retrieved from external sources.
- [EXTERNAL_DOWNLOADS]: The skill utilizes the audit_url tool to fetch and analyze content from public URLs provided by the user. It also references rule documentation from the vendor-owned site frontendchecklist.io.
Audit Metadata