skills/djalmajr/skills/wiki-query/Gen Agent Trust Hub

wiki-query

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on shell commands to perform its primary search and retrieval functions.
      • Evidence: The instructions direct the agent to check for the tool using which qmd and execute searches using qmd query or grep (SKILL.md).
      • Context: While this is essential for the skill's purpose, it establishes a command execution surface that could be exploited if inputs are not properly handled.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its core design of ingesting and processing external wiki content.
      • Ingestion points: Untrusted data enters the agent context through wiki files (wiki/*.md), search results from the qmd CLI or MCP tools, and output from grep (SKILL.md).
      • Boundary markers: Absent. The instructions do not define delimiters or provide specific guidance to ignore instructions that might be embedded within the wiki files.
      • Capability inventory: The skill has the ability to execute shell commands (qmd, grep, cat), read files, and write new content to the filesystem (e.g., saving pages to wiki/sources/).
      • Sanitization: Absent. There is no mention of escaping, validating, or filtering the content retrieved from the wiki before it is used to synthesize an answer or influence the agent's logic.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 09:19 PM