agent-spec-estimate

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE · EXTERNAL_DOWNLOADS · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the agent-spec tool from an external registry using cargo install agent-spec if it is not found on the system.
  • [COMMAND_EXECUTION]: The skill utilizes multiple shell commands to perform its core functions, including command -v, cargo install, agent-spec contract, and agent-spec explain. It also includes a shell for loop in the SKILL.md to batch process files in the specs/ directory.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process the contents of external .spec files to generate estimates. This creates a surface for indirect prompt injection where malicious instructions embedded within a specification file could influence the agent's behavior.
      • Ingestion points: Data enters the context via the output of agent-spec contract [path] and by reading .spec files.
      • Boundary markers: Absent; there are no specific delimiters or instructions for the agent to ignore potentially malicious embedded text within the spec files.
      • Capability inventory: The agent has the capability to execute shell commands and install packages via cargo.
      • Sanitization: Absent; the skill does not specify any validation or sanitization of the specification file content before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 09:08 PM