best-practice-guide

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted project documentation (e.g., README.md, package.json) to drive its gap analysis and generation logic. This creates a surface for indirect prompt injection: an attacker who can influence the content of the analyzed files could mislead the agent's research or output.
  • Ingestion points: scripts/analyze-docs.sh reads project-specific documentation and configuration files.
  • Boundary markers: Not present in the analysis phase.
  • Capability inventory: scripts/generate-guide.sh (file write, directory creation, script permission modification), scripts/integrate-guide.sh (file backup and modification).
  • Sanitization: scripts/generate-guide.sh implements strict regex-based validation for the TOPIC parameter to prevent directory traversal and shell metacharacter injection.
  • [DYNAMIC_EXECUTION]: The generate-guide.sh script programmatically generates new shell scripts (check-${TOPIC}.sh) and applies executable permissions (chmod +x). This dynamic execution capability is limited to creating simple diagnostic scripts from hardcoded templates, and the validation of TOPIC names prevents the generation of arbitrary malicious code.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 02:45 PM
Security Audit — agent-trust-hub — best-practice-guide