skills/vibeeval/vibecosystem/explore/Gen Agent Trust Hub

explore

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs shell commands by interpolating variables like ${PATH}, ${FOCUS}, and ${ENTRY} directly into Bash blocks, which could lead to command injection if the variables contain shell metacharacters.
  • [EXTERNAL_DOWNLOADS]: The Troubleshooting section recommends installing the llm-tldr package from public registries using uv or pip.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the ingestion of untrusted codebase content.
      * Ingestion points: The skill reads local source files, structure, and metadata using tools like tldr, Grep, and Read.
      * Boundary markers: There are no explicit boundary markers or instructions to ignore instructions within the ingested data.
      * Capability inventory: The skill environment includes Bash (command execution), Write (file modification), and Task (sub-agent spawning).
      * Sanitization: No sanitization or validation of the ingested content is performed before it is used in the exploration process.

Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 09:04 AM