agent-benchmark

Warn

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions to execute local JavaScript files using Node.js, specifically ~/.claude/benchmarks/run.mjs and ~/.claude/hooks/dist/canavar-cli.mjs. These scripts are located in the user's home directory and are not provided as part of the skill package for verification.
  • [PROMPT_INJECTION]: The benchmark framework establishes a pipeline for processing untrusted code fixtures, which introduces a surface for indirect prompt injection.
    1. Ingestion points: Fixture files located in ~/.claude/benchmarks/fixtures/.
    2. Boundary markers: The skill does not define explicit delimiters or instructions to ignore embedded commands within the fixtures.
    3. Capability inventory: The execution environment has the capability to execute shell commands via Node.js and access the file system.
    4. Sanitization: No sanitization or validation of the fixture content is described in the workflow.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 24, 2026, 05:43 PM
Security Audit — agent-trust-hub — agent-benchmark