The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill suggests running npx @google/design.md lint DESIGN.md, which downloads and executes a package from Google's official npm registry. This is presented as a standard developer validation step.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted local data. 1. Ingestion points: Scans local configuration and style files including tailwind.config.{js,ts}, app/globals.css, and src/styles/*.css. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded directives are used when reading these files. 3. Capability inventory: Performs file reads across the codebase and writes to the project root (./DESIGN.md), while also prompting for user command execution. 4. Sanitization: No validation or sanitization of the ingested content is performed before inclusion in the final output.

brand