The Agent Skills Directory

[SAFE]: The skill follows secure diagnostic patterns and does not contain obfuscation, data exfiltration, or persistence mechanisms.
[COMMAND_EXECUTION]: The skill utilizes common developer tools including git, grep, node, and sw_vers for legitimate diagnostic purposes such as regression testing and environment verification. This usage is transparent and constrained to local system operations.
[PROMPT_INJECTION]: The skill naturally processes untrusted data such as user bug reports and repository source code, creating a surface for indirect prompt injection. * Ingestion points: Bug descriptions and codebase files processed in SKILL.md. * Boundary markers: None explicitly defined. * Capability inventory: Subprocess execution via git (including bisect test commands), grep, and runtime version checks. * Sanitization: None. However, the instructions direct the AI to treat ingested data as diagnostic evidence rather than actionable instructions, which mitigates the risk of adversarial obedience.

hunt