docs-seeker
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the execution of several internal Node.js scripts (detect-topic.js, fetch-docs.js, analyze-llms-txt.js) to perform its core documentation discovery and analysis logic.
- [COMMAND_EXECUTION]: The repository analysis workflow instructs the agent to execute shell commands including 'git clone' for arbitrary external repositories and 'npm install -g repomix' for global tool installation.
- [COMMAND_EXECUTION]: The script env-loader.js reads environment configuration files from parent directories including the sensitive .claude directory to load API keys and other settings.
- [EXTERNAL_DOWNLOADS]: The fetch-docs.js script performs HTTPS GET requests to context7.com, which is an external domain used for documentation discovery.
- [EXTERNAL_DOWNLOADS]: The skill includes a fallback workflow that involves cloning source code from external GitHub repositories based on user queries.
- [REMOTE_CODE_EXECUTION]: The workflow encourages the installation and use of the 'repomix' package from the public NPM registry, which involves downloading and executing third-party code.
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for Indirect Prompt Injection (Category 8) due to its core function of fetching and processing external data.
  - Ingestion points: Documentation files fetched from context7.com and code content ingested via repository cloning and packing.
  - Boundary markers: None identified; the skill does not use specific delimiters or instructions to prevent the agent from following commands embedded in the fetched documentation.
  - Capability inventory: The skill has capabilities for Node.js script execution, file system access, and shell command execution.
  - Sanitization: While query parameters are normalized, the actual content of the documentation is not sanitized or filtered for instructions before being processed by the agent.