team-ux-improve

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill reads and modifies user-provided source code, so the analyzed files are an indirect prompt injection surface: instruction-like text planted in code comments could steer the behavior of the agent roles that process them.
  • Ingestion points: The scanner (roles/scanner/role.md) and implementer (roles/implementer/role.md) roles read project files such as .tsx and .vue files to identify issues and prepare fixes.
  • Boundary markers: The prompt templates for spawning workers do not include explicit delimiters or instructions to ignore embedded commands within the analyzed source code.
  • Capability inventory: The skill is granted access to powerful tools including Bash, Write, and Edit, which are used to modify the project and execute local commands. Any instruction the agent takes from file content can therefore be carried out with those tools.
  • Sanitization: No logic was found to sanitize, delimit, or flag adversarial instructions embedded in the project files before the agent roles process them.
  • [COMMAND_EXECUTION]: Use of shell commands for development tasks. The skill uses the Bash tool to perform environment discovery and validate changes.
  • Project Inspection: Shell commands are used to detect frameworks via package.json analysis and file system globbing.
  • Test Validation: The tester role (roles/tester/role.md) executes npm test or npm run test:unit to verify that implemented fixes meet quality standards.
  • Utility Tooling: The skill invokes a local command-line interface (ccw cli) for performing complex codebase analysis and modification tasks as part of the implementation and scanning phases.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 01:46 PM