repo-research-analyst

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs standard system utilities including ls, find, and grep to explore repository structures and search for code patterns. These operations are restricted to the local file system and are used in accordance with the skill's primary purpose of codebase analysis.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process data from untrusted sources, specifically files within a cloned repository (such as README.md, CONTRIBUTING.md, and CLAUDE.md). This creates a surface for indirect prompt injection where malicious instructions embedded in a project's documentation could attempt to influence the agent's analysis or reporting behavior.
    • Ingestion points: Reads all documentation and source files within a specified repository path.
    • Boundary markers: None explicitly defined to separate project content from agent instructions.
    • Capability inventory: Limited to file system discovery, file reading, and writing a markdown report to a local directory.
    • Sanitization: No sanitization of ingested content is specified before being processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 22, 2026, 07:46 AM