agentic-ui-development
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Python scripts (search.py, core.py, design_system.py) to implement a BM25-based search engine for local component metadata. These scripts operate on local CSV and JSON data files provided within the skill's data directory. No arbitrary command execution or shell injection surfaces were found.
- [EXTERNAL_DOWNLOADS]: The documentation references standard package managers (pnpm, python) for installing legitimate development dependencies. The scripts themselves do not perform any hidden network requests or fetch remote payloads.
- [DATA_EXPOSURE]: The persistence feature (--persist) writes design system documentation to the local design-system/ directory within the user's project. It does not access sensitive system files, environment variables, or credentials.
- [PROMPT_INJECTION]: The skill contains 'Design System Rules' and 'Anti-Patterns' which are intended to guide the AI agent's code generation quality. These are standard instructional constraints for development and do not attempt to bypass safety filters or override core agent personality.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user queries for component searches. While it matches these queries against local rules, it uses a deterministic BM25 algorithm rather than directly interpolating untrusted strings into executable contexts. The risk of indirect injection via the CSV data is negligible as the data is statically defined within the skill package.
Audit Metadata