modern-frontend-design

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The skill mandates a verification process (Step 11) that requires the agent to execute shell commands such as npm run build, npm run dev, and kill %1. These commands are used to test and manage a local development server for the code generated by the agent.
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The automated verification protocol involves npm install and npx, which download and execute packages from the NPM registry. While targeted at standard tools like next, tsc, and eslint, this represents a vector for external dependency risk.
  • [PROMPT_INJECTION]: The skill uses strong imperative language ('MANDATORY', 'non-negotiable') and role-play instructions ('Senior Frontend Developer') to ensure the agent adheres to specific design and testing protocols, which may override standard task-handling constraints.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user prompts to generate frontend code that is subsequently built and executed by the verification steps. The lack of explicit boundary markers or input sanitization creates a potential surface for malicious instructions to influence the generated codebase.
  • Ingestion points: User-provided prompts describing product requirements and UI features in SKILL.md.
  • Boundary markers: None; user requirements are directly integrated into the design and code generation logic.
  • Capability inventory: Full shell execution (npm, npx, kill), file system access for project scaffolding, and local networking capabilities via curl.
  • Sanitization: No explicit sanitization or validation of user-provided strings is performed before they are incorporated into the executable code.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 04:40 PM