turbosnap-debug

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted local data, including project configuration files (chromatic.config.json, package.json), build artifacts (preview-stats.json), and git logs. This creates a surface for indirect prompt injection if those files were to contain malicious instructions.
      • Ingestion points: Defined in SKILL.md and reference/evidence-ladder.md, including CLI outputs, configuration files, and stats artifacts.
      • Boundary markers: The instructions do not define specific delimiters or boundary markers for the content being processed.
      • Capability inventory: reference/command-catalog.md lists capabilities including file searching via rg, git history inspection, and execution of the chromatic CLI tool.
      • Sanitization: No explicit sanitization logic for ingested file content is specified in the instructions.
  • [COMMAND_EXECUTION]: The skill utilizes several CLI tools for diagnostic purposes, including rg (ripgrep), git, and the chromatic package. These are standard development tools used within their intended scope for project analysis.
  • [EXTERNAL_DOWNLOADS]: The skill recommends the use of the @chromatic-com/turbosnap-helper and chromatic packages via npx. These are official tools provided by the service vendor for the functionality described in the skill.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 07:57 PM