doc-ears-reviewer

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill explicitly instructs the agent to perform mandatory bash execution to calculate SHA-256 hashes using system utilities like sha256sum and grep. This involves direct interaction with the host shell using file paths derived from the workspace as arguments.
  • [PROMPT_INJECTION]: The skill establishes a vulnerability surface for indirect prompt injection by processing external documentation data and incorporating it into automated shell operations.
      1. Ingestion points: EARS and PRD documents located in the docs/03_EARS/ and docs/02_PRD/ directories.
      2. Boundary markers: There are no explicit delimiters or safety instructions provided to the agent to treat content from these files as untrusted or to ignore embedded instructions.
      3. Capability inventory: The skill uses local shell execution capabilities and file system write operations to maintain the .drift_cache.json and generate review reports.
      4. Sanitization: The skill does not define any sanitization, escaping, or validation steps for file names, paths, or document content before they are interpolated into shell commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 04:26 AM
Security Audit — agent-trust-hub — doc-ears-reviewer