The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting data from external design software (Figma, Sketch, Penpot) and local configuration files to generate source code in various formats (Swift, CSS, JavaScript). Maliciously crafted input in the source design files could potentially influence the generated output. \n- Ingestion points: Data is ingested from design-tokens.json and external design files as described in the Synchronization Workflow section. \n- Boundary markers: The skill includes a manual confirmation step ('Apply changes with confirmation') and maintains change history in a .tokens-history/ directory. \n- Capability inventory: The skill uses the /sync-design-system command to write files to the filesystem and generate code assets. \n- Sanitization: The skill documents 'Validation Rules' including checks for type consistency, naming compliance, and reference integrity to verify token data before application.

design-system-management