skills/atanetjofre/wardstones/tyr/Gen Agent Trust Hub

tyr

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard testing and coverage commands based on the detected project stack. Examples include npx vitest run --coverage, npx jest --coverage, python -m pytest --cov, and go test -coverprofile=cover.out. These are necessary for the skill's primary function of auditing test quality.
  • [EXTERNAL_DOWNLOADS]: The skill uses the npx utility in Node.js environments, which may download required packages (such as Vitest or Jest) from the npm registry if they are not present in the local cache or node_modules. This is standard behavior for Node.js-based tooling.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests untrusted data from the project's source code, test files, and configuration files (such as .wardstones/config.json). While it processes these files to identify testing patterns and suppression comments (e.g., wardstones-ignore), the risk is mitigated because it uses deterministic scoring logic and specific pattern matching rather than executing code comments as instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 07:29 PM