wds-7-design-system

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's workflows (specifically workflow-browse.md and workflow-view.md) instruct the agent to generate a minimal application and start a localhost server to preview or browse the design system. While this is a common development practice, it involves running local services based on generated content.
  • [EXTERNAL_DOWNLOADS]: The HTML template (templates/catalog.template.html) fetches resources from well-known services, specifically Tailwind CSS (cdn.tailwindcss.com) and Google Fonts (fonts.googleapis.com). Additionally, the import workflow (workflow-import.md) allows for fetching design system data from user-provided URLs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted data from external URLs, file exports, and local component files, which are then processed and used to generate new component specifications and the interactive catalog.
      • Ingestion points: workflow-import.md (URL, File, Code), steps-c/step-01-scan-existing.md (local component files).
      • Boundary markers: Not explicitly defined in the templates or instructions for the imported content.
      • Capability inventory: The skill can perform file writes (creating components), network operations (fetching from URLs), and command execution (serving localhost).
      • Sanitization: The instructions do not specify sanitization or validation logic for the content extracted from external sources.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 06:20 PM