roslynskills-research

Warn

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple vendor-provided local scripts and command-line tools, including roscli, scripts\roscli.cmd, and scripts\roscli-warm.cmd to perform semantic code analysis and workspace management.
  • [COMMAND_EXECUTION]: The skill utilizes powershell.exe -ExecutionPolicy Bypass to execute the local script roslyn-rename-and-verify.ps1. This action explicitly overrides the system's PowerShell script execution policy, which is a mechanism intended to prevent the execution of untrusted scripts.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted repository content.
      • Ingestion points: C# source files (.cs, .csx) and .NET project metadata (.csproj, .sln, .slnx) are read into the agent context via roscli navigation and context commands.
      • Boundary markers: The skill does not implement specific delimiters or 'ignore embedded instructions' warnings for the content it reads.
      • Capability inventory: The skill has extensive capabilities including reading source code (ctx.member_source), symbol lookup (nav.find_symbol), diagnostics triage (diag.*), and file modification (edit.*, session.commit).
      • Sanitization: There is no evidence of content sanitization or validation performed on the source code extracted from the repository before it is presented to the agent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 25, 2026, 12:42 AM