baoyu-infographic

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands (test -f and echo) to detect the presence of configuration files (EXTEND.md) in both project-local and user-home directories. It also uses shell logic to manage file backups by renaming existing files with date-based suffixes before overwriting.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) by design. It ingests untrusted external content and is explicitly instructed to preserve it verbatim through multiple processing steps, potentially leading to the injection of malicious instructions into the final image generation prompt.
      • Ingestion points: External markdown files or pasted text content (Step 1.2 in SKILL.md).
      • Boundary markers: None identified. The references/base-prompt.md and references/structured-content-template.md templates interpolate content directly without using security delimiters or 'ignore embedded instructions' warnings.
      • Capability inventory: File system operations (read, write, rename), shell command execution via bash, and the ability to invoke external skills for image generation.
      • Sanitization: None. The skill's core principles and references/analysis-framework.md explicitly mandate that all source data must be preserved exactly as written, precluding sanitization or filtering.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 8, 2026, 06:30 AM