The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill ingests untrusted data through user arguments, creating a potential surface for injection attacks.\n
Ingestion points: $ARGUMENTS interpolated into the <issues> block in SKILL.md.\n
Boundary markers: Input is delimited using <issues> tags, providing basic structural separation but no explicit instructions to the LLM to ignore embedded commands.\n
Capability inventory: The skill orchestrates debugger and tester sub-agents which likely have the ability to read files, write code, and execute tests.\n
Sanitization: No sanitization or safety-specific delimiters are applied to the external input before it is passed to sub-agents.\n- Prompt Injection (SAFE): The static instructions do not contain attempts to bypass safety filters or override system prompts.\n- Data Exposure & Exfiltration (SAFE): No credentials, sensitive file paths (beyond internal skill references), or unauthorized network operations were found.\n- Unverifiable Dependencies (SAFE): The skill utilizes internal sub-agent capabilities and references a local anti-hallucination protocol rather than external scripts or packages.

fix-fast