crafting-readme-files

Fail

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides templates that incorporate the curl | bash pattern for installation instructions in SKILL.md and references/section-templates.md.
  • Evidence: SKILL.md contains the template curl -fsSL https://raw.githubusercontent.com/user/repo/main/install.sh | bash for quick installation.
  • Evidence: references/section-templates.md includes curl -fsSL https://... | bash in the Migration/Upgrade section templates.
  • [COMMAND_EXECUTION]: Numerous templates within the skill include shell commands for common development workflows and project maintenance.
  • Evidence: SKILL.md provides commands for manual builds (cargo build), repository cloning, and installation via package managers.
  • Evidence: references/section-templates.md includes potentially destructive commands like rm -rf ~/.tool/ and maintenance commands like cargo test or cargo clippy in the 'Contributing' and 'Security' sections.
  • [EXTERNAL_DOWNLOADS]: The documentation guidelines reference fetching resources from well-known external domains as part of standard software delivery workflows.
  • Evidence: Templates consistently suggest cloning from GitHub and executing scripts from raw.githubusercontent.com for installation and updates.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from existing project documentation.
  • Ingestion points: SKILL.md instructs the agent to read and revise the current README.md file of a project.
  • Boundary markers: The skill does not provide specific delimiters or instructions to ignore potential instructions embedded within the document being analyzed.
  • Capability inventory: The skill allows the generation of shell commands, configuration files, and architecture documentation based on the analyzed input.
  • Sanitization: No sanitization or validation of the input README content is performed before the agent processes it to generate the revised version.
Recommendations
  • HIGH: Downloads and executes remote code from: https://..., https://raw.githubusercontent.com/user/repo/main/install.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 24, 2026, 02:25 AM