The Agent Skills Directory

[Command Execution] (MEDIUM): The skill executes local Python scripts (project_scaffolder.py, code_quality_analyzer.py) which are referenced in the documentation but not provided in the skill package, preventing verification of the code being run.
[Credentials Unsafe] (MEDIUM): The code_quality_analyzer.py tool is designed specifically to scan for and identify 'hardcoded secrets' and 'injection risks'. While this is the tool's primary purpose, the broad filesystem access to sensitive credentials constitutes a significant security surface.
[External Downloads] (LOW): The project workflow encourages running npm install and pip install (via requirements.txt), which downloads and executes code from external registries. While standard for development, these actions are performed on unverified, potentially untrusted project scaffolds.
[Indirect Prompt Injection] (LOW): The skill processes untrusted user-provided codebase data which could contain malicious hidden instructions intended to compromise the agent. 1. Ingestion points: scripts/code_quality_analyzer.py reads user project directories. 2. Boundary markers: Absent. 3. Capability inventory: Filesystem write via project_scaffolder.py, remote code download via npm install. 4. Sanitization: Absent.

senior-fullstack