test-engineer

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill uses the run_in_terminal tool to execute pnpm test. This capability allows for the execution of arbitrary scripts defined in a project's package.json or within the test files themselves. If a user or external contributor can modify these files, they can achieve arbitrary command execution on the host system.
  • PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8). It is designed to read and follow external documentation and process project source code without any boundary markers or sanitization.
    1. Ingestion points: The skill uses read_file to access ../../../docs/standards/testing.md and other local project source/test files.
    2. Boundary markers: No delimiters or explicit 'ignore embedded instructions' warnings are present to distinguish between data and instructions.
    3. Capability inventory: The agent has access to run_in_terminal, create_file, and read_file.
    4. Sanitization: No validation or filtering is applied to the ingested content.
    A malicious instruction hidden in the documentation or a test file could trick the agent into misusing its terminal access for unauthorized actions such as file modification or data exfiltration.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 01:35 PM