claude-code-debug

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface. The skill is designed to read and process untrusted project data such as SKILL.md files, CLAUDE.md memory files, and configuration settings to diagnose issues. A malicious project could include hidden instructions within these files to influence the agent's behavior during debugging. Found in: SKILL.md, references/troubleshooting-flow.md.
  • [DATA_EXFILTRATION] (LOW): Sensitive data exposure. The skill instructions direct the agent to display sensitive environment variables (like GITHUB_TOKEN and ANTHROPIC_API_KEY) and configuration files (settings.json, .mcp.json) in the terminal output. While necessary for troubleshooting, this exposes secrets in the command history and logs. Found in: references/common-issues.md, references/debug-commands.md.
  • [EXTERNAL_DOWNLOADS] (LOW): Dependency on external code. The troubleshooting guides recommend installing and running Model Context Protocol (MCP) servers using npm and npx. While these are standard components of the ecosystem, they involve executing third-party code from a remote registry. Found in: references/common-issues.md, references/debug-commands.md.
  • [COMMAND_EXECUTION] (SAFE): Standard system administration. The skill utilizes common Bash utilities such as ls, grep, jq, head, and chmod to verify file structures and permissions. Found in: SKILL.md, references/debug-commands.md.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:00 PM