skills/vudovn/ag-kit/app-builder/Gen Agent Trust Hub

app-builder

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform project initialization and dependency management (e.g., npx create-next-app, npm install). While standard for a scaffolding tool, this involves executing commands that incorporate project-specific parameters.
  • [EXTERNAL_DOWNLOADS]: The skill's templates instruct the agent to download and install various third-party packages and frameworks from official registries like NPM and PyPI. These are well-known technology sources.
  • [PROMPT_INJECTION]: As an orchestrator, the skill ingests natural language user input to plan and generate code, creating a surface for indirect prompt injection or command injection.
    • Ingestion points: User project descriptions enter the context through SKILL.md and project-detection.md.
    • Boundary markers: The skill instructions do not specify any delimiters or safety warnings to delineate untrusted user input from the agent's core logic.
    • Capability inventory: The skill has access to powerful tools including Bash, Write, and Edit to carry out generated plans.
    • Sanitization: There is no documented logic for sanitizing user-provided strings (such as project names or feature descriptions) before they are used in terminal commands or project templates.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 18, 2026, 01:59 PM