minimal-modular-code

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary content consists of engineering guidelines and templates that encourage best practices like information hiding and code reuse. No malicious instructions were found during the analysis.
  • [COMMAND_EXECUTION]: The skill includes a shell script evals/run-static-checks.sh which executes a Python-based static analysis tool for testing the skill's structure and routing logic. This script is part of the development and testing suite and does not present a runtime security risk for users.
  • [PROMPT_INJECTION]: The skill processes external repository code to perform audits, creating a surface for potential indirect prompt injection if the audited code contains malicious instructions.
      • Ingestion points: Loads repository source files and project context as specified in SKILL.md and associated playbooks.
      • Boundary markers: No explicit delimiters or 'ignore' instructions are defined for isolating external code content within the subagent prompts in references/subagent-dispatch.md.
      • Capability inventory: The skill possesses the capability to write audit findings and ledger files to the local filesystem at docs/audits/ or audit-artifacts/.
      • Sanitization: No specific sanitization or escaping of ingested code is described before it is passed to the audit lenses.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 18, 2026, 09:38 PM
Security Audit — agent-trust-hub — minimal-modular-code