NYC

i18n-expert

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests and processes untrusted data from the user's source code and locale files, creating a vulnerability surface for indirect prompt injection.
      • Ingestion points: The scripts/i18n_audit.py script (line 39) and rg commands scan file contents across the directory specified by the --src argument.
      • Boundary markers: Absent; the content is read directly from files without delimiters or instructions to ignore embedded commands.
      • Capability inventory: The agent can execute package installations (npm install), modify source code, and write to JSON locale files based on the audit results.
      • Sanitization: No sanitization or validation is performed on the extracted keys or text before they are processed by the agent.
  • [COMMAND_EXECUTION] (SAFE): The skill requires the execution of a local Python script and standard utilities like rg (ripgrep) and json.tool. These operations are standard for development environments and are limited to the target project directory.
  • [DATA_EXPOSURE & EXFILTRATION] (SAFE): Analysis of the Python script and workflow instructions reveals no network-based data exfiltration or access to sensitive system credentials outside the project scope.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:58 PM