The Agent Skills Directory

Indirect Prompt Injection (SAFE): The skill exhibits an ingestion surface by reading untrusted project documentation and code diffs. This is inherent to its primary purpose as a quality scanner. * Ingestion points: reads docs/INDEX.md, AGENTS.md, README.md, and output from git diff or search/changes. * Boundary markers: None explicitly defined to separate documentation content from agent instructions. * Capability inventory: Recommends shell command execution (pnpm run lint, pnpm run architecture:gate). * Sanitization: No specific sanitization of file content is described. Given the development context and the tool's goal, the risk is negligible.
Unverifiable Dependencies & Remote Code Execution (SAFE): References external toolsets codacy/*, context7/*, and sequentialthinking/*. These are treated as platform-provided capabilities rather than untrusted remote scripts. No direct downloads or piped execution patterns (e.g., curl | bash) were identified.

black-tortoise-agent-quality-scan