ascendc-operator-testcase-gen

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it reads and processes user-controlled data from a design document (design.md) to generate its output. Malicious instructions could be embedded in the design document, but the risk is minimal because the skill's capabilities are restricted to generating markdown documentation.
  • Ingestion points: Reads untrusted content from the design.md file.
  • Boundary markers: The skill lacks explicit markers or instructions for the agent to treat input from design.md as strictly data and ignore any embedded commands.
  • Capability inventory: The skill is designed to perform file system reads and write a markdown file to a specific path (ascend-kernel/csrc/ops/[op-name]/test/[op-name]-test-cases.md).
  • Sanitization: There is no evidence of sanitization or validation of the content retrieved from the input file.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 3, 2026, 06:48 AM