sonarqube-check

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected.
    • Ingestion points: The skill retrieves quality gate status and failure details via the 'mcp__sonarqube__*' tools from external SonarQube/SonarCloud instances.
    • Boundary markers: The skill instructions do not specify any delimiters (such as XML tags or triple backticks) or include an 'ignore embedded instructions' warning when handling tool outputs.
    • Capability inventory: The skill is restricted to 'mcp__sonarqube__' tool usage and reporting failure reasons.
    • Sanitization: There is no evidence of sanitization, validation, or filtering of the content retrieved from the SonarQube reports before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 10:30 AM