antithesis-setup

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches SDK version information and documentation from well-known registries and official vendor repositories, including PyPI, Maven Central, Crates.io, NuGet, and the Go proxy. These operations are restricted to metadata retrieval and do not involve executing remote scripts.
  • [COMMAND_EXECUTION]: The skill uses container management tools (docker compose, podman compose) and the vendor's command-line utility (snouty) to build project images and validate the testing harness configuration. These actions are central to the skill's primary function and intended usage.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it ingests data from research artifacts located in the antithesis/scratchbook/ directory to guide the configuration process.
      • Ingestion points: Data enters the agent context from antithesis/scratchbook/sut-analysis.md and antithesis/scratchbook/deployment-topology.md.
      • Boundary markers: Absent; the skill instructions direct the agent to parse and use fields from these files directly without delimiters or safety warnings to ignore embedded instructions.
      • Capability inventory: The skill can perform file system writes (creating Dockerfiles and docker-compose.yaml in SKILL.md and references/docker-images.md) and execute shell commands (docker/podman compose build and snouty commands in references/submit-and-test.md).
      • Sanitization: Absent; there is no instruction to validate, escape, or filter the content ingested from the research artifacts before using it to generate configuration files or command arguments.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 07:00 PM