The Agent Skills Directory

[SAFE]: The skill is a complex workflow orchestrator designed for security auditing and code annotation. It maintains state and coverage through local files (DIMENSIONAL_SCOPE.json and DIMENSIONAL_UNITS.md) in the project root, which is a legitimate and safe use of file persistence for multi-step processes.
[COMMAND_EXECUTION]: The skill utilizes the Task tool to delegate specific analysis steps to specialized subagents like arithmetic-scanner and dimension-validator. This modular approach follows a structured delegation contract and is restricted to defined agent roles within the environment.
[PROMPT_INJECTION]: The skill contains strong directives to the agent (e.g., 'Always run the full pipeline', 'Any mode argument provided by the caller is ignored'). These are functional workflow constraints intended to ensure audit thoroughness rather than attempts to bypass security filters or safety guidelines.
[PROMPT_INJECTION]: As a code auditing tool, the skill is subject to an indirect prompt injection surface where malicious code comments in the analyzed repository could attempt to influence subagent behavior.
Ingestion points: Project source code is ingested via Read, Grep, and Glob tools across the entire repository scope.
Boundary markers: The instructions do not explicitly provide delimiters or 'ignore embedded instructions' warnings for the data passed to subagents.
Capability inventory: The skill possesses Write capabilities for codebase modification and Task capabilities for agent orchestration.
Sanitization: No explicit sanitization or escaping of code content is performed before interpolation into subagent prompts.
[SAFE]: No obfuscation, hardcoded credentials, unauthorized network operations, or persistence mechanisms outside of legitimate workflow management were detected in the skill or its reference documentation.

dimensional-analysis