The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the Bash tool to interact with git and the GitHub CLI (gh) for repository management, branching, and PR creation. These are standard operations for the stated purpose of automating development workflows.
[INDIRECT_PROMPT_INJECTION]: The skill ingests data from external Claude Design bundles via URLs or local JSON files. This content is used to inform component scaffolding, test generation, and pull request descriptions.
Ingestion points: The handoff-url or path-to-bundle.json arguments in SKILL.md are the primary entry points for untrusted data.
Boundary markers: The prompt instructions for sub-agents do not explicitly define boundary markers for the external bundle data.
Capability inventory: The skill possesses capabilities for file modification (Write, Edit), shell command execution (Bash), and code generation via sub-agents (Agent).
Sanitization: The skill does not explicitly mention sanitization of the bundle content before its use in shell commands or prompts, representing a standard automation attack surface that is inherent to the skill's primary function.

design-ship