harness-engineering-playbook

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
PROMPT_INJECTION
COMMAND_EXECUTION
Full Analysis
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection (Category 8) as it identifies and executes build/test commands (e.g., npm run lint, cargo test) based on the content of configuration files like package.json or pyproject.toml in the target repository.
    - Ingestion points: Target repository configuration files (processed in scripts/harness/*.sh templates).
    - Boundary markers: Absent; the skill lacks specific delimiters to isolate untrusted repository data.
    - Capability inventory: Local execution of package manager commands and subprocess.run calls within scripts/harness_wizard.py.
    - Sanitization: None; the tool is designed to execute the commands defined within the target repository.
  • COMMAND_EXECUTION (LOW): The skill performs local command execution (Category 10) to facilitate repository bootstrapping and auditing. The provided harness templates utilize eval to support command overrides via environment variables (e.g., HARNESS_LINT_CMD). While these are standard practices for developer-oriented automation tools, they constitute dynamic execution capabilities.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 03:21 AM