debug-runtime

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The utility script scripts/find-polluter.sh performs shell execution using variables (specifically $subset) without proper quoting (e.g., lines 145, 151, 158, 168). If the agent populates this variable with strings containing shell metacharacters derived from untrusted filenames or test IDs on the local filesystem, it could lead to arbitrary command execution.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core workflow (Phase 1 in SKILL.md) requires the agent to ingest and analyze untrusted diagnostic data such as stack traces, logs, and test outputs. The instructions lack explicit boundary markers or sanitization requirements for this evidence, creating a vector for embedded instructions to influence agent behavior.
  • [EXTERNAL_DOWNLOADS]: The INSTALL.md file contains instructions to download and install the skill pack from the author's repository using standard platform tools. This is documented neutrally as it originates from the skill author's context.
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 10:41 PM