explore

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill ingests untrusted codebase content and user-provided arguments which are then interpolated into sub-agent prompts for analysis.
    • Ingestion points: The skill reads repository files (src/**, package.json) and user arguments ($ARGUMENTS) in SKILL.md and rules/exploration-agents.md.
    • Boundary markers: Explicit delimiters or instructions to ignore embedded commands within the ingested content are absent in the sub-agent prompt templates.
    • Capability inventory: The skill possesses significant capabilities including Bash tool execution, TaskCreate for spawning sub-agents, and Read/Write access to the file system.
    • Sanitization: No explicit sanitization or filtering of codebase content is performed before passing it to sub-agents.
  • [COMMAND_EXECUTION]: The skill executes local shell scripts and commands using the Bash tool to perform static analysis.
    • Evidence: SKILL.md triggers a repo-structure-indexer hook and runs Grep/Glob tools. It also utilizes a custom bash script scripts/dependency-mapper.sh for extracting import data and calculating coupling metrics.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 02:40 AM