create-cowork-plugin
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The plugin templates include commands that execute shell operations via the Bash tool. Specifically, review.md executes git diff and fix-lint.md executes npm run lint. These are standard practices for the intended code-quality use-cases and use appropriate tool scoping (e.g., git:*).
- [PROMPT_INJECTION] (LOW): The templates exhibit an Indirect Prompt Injection surface (Category 8).
  1. Ingestion points: meeting-notes.md reads transcripts from @$1; review.md reads contents of files in the repository; ticket-analyzer.md processes ticket descriptions.
  2. Boundary markers: None of the templates demonstrate the use of delimiters or instructions for the ingested content.
  3. Capability inventory: The plugins have access to Read, Write, Edit, and Bash tools.
  4. Sanitization: No input sanitization or validation is implemented in the examples.
Audit Metadata