output-style-engineering
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides structural guidance on creating instructions that "replace the default system prompt" and "override all other guidance." It specifically recommends placing "Critical Rules" at the end of the prompt to ensure higher compliance and includes "Consistency Safeguards" designed to prevent the agent from reverting to its default safety or behavioral patterns during long conversations.
- [COMMAND_EXECUTION]: The documentation and quick-start guides include shell commands (mkdir -p) to create directory structures in the user's home directory (~/.claude/output-styles/). These commands are provided for the agent to execute when initializing the environment for custom styles.
- [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by processing untrusted user requirements to generate system-level instructions.
  - Ingestion points: User-provided descriptions for new or modified styles (referenced in SKILL.md).
  - Boundary markers: No specific delimiters or instructions to ignore embedded malicious content are present for the input data.
  - Capability inventory: The skill explicitly notes that tool access (Read, Write, Bash, etc.) is preserved even when system prompts are replaced (referenced in SKILL.md).
  - Sanitization: No evidence of sanitization or safety validation for user-generated style content is provided in the instruction files.