tutorial-updates

Fail

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill's validation logic extracts and executes shell commands from external tape files.
  • Evidence: In 'SKILL.md' (Phase 1.5.4), the script parses commands from tape files and executes them using 'bash -c' to perform sanity checks.
  • Evidence: In 'modules/tape-validation.md', the 'validate_command_flags' function executes extracted commands with a '--help' flag to discover valid options: 'local help_output=$($base_cmd --help 2>&1)'.
  • [REMOTE_CODE_EXECUTION]: The practice of executing strings parsed from project files creates a critical vulnerability if those files originate from untrusted sources, such as in pull requests or external repositories.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for downloading and installing external software from well-known services.
  • Evidence: Suggests installing the VHS tool from GitHub using 'go install github.com/charmbracelet/vhs@latest'.
  • Evidence: Suggests installing Playwright using 'npm install -D @playwright/test'.
  • [COMMAND_EXECUTION]: The skill identifies build systems and executes automated build and installation procedures.
  • Evidence: In 'SKILL.md' (Phase 1.6.3), the skill executes 'cargo install' or 'make build' based on detected files like 'Cargo.toml' or 'Makefile'.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data that influences execution behavior without sufficient sanitization.
  • Ingestion points: The skill reads '.tape' and '.manifest.yaml' files discovered in the workspace ('SKILL.md' Step 1.1).
  • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands when parsing these files.
  • Capability inventory: The skill has access to the 'Bash' tool for file system operations and command execution.
  • Sanitization: Data is extracted using 'grep' and 'sed', which do not prevent shell injection when the resulting strings are passed to 'bash'.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 5, 2026, 09:11 PM