NYC

test-generation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Prompt Injection] (LOW): Indirect Prompt Injection surface detected. The skill reads and processes external project files to build a knowledge model for test generation.
      • Ingestion points: Discovery searches for domain entities, commands, and controllers (PHASE 1A/1B) using Read and Grep tools.
      • Boundary markers: Absent. The instructions do not define clear delimiters for untrusted data or provide instructions to ignore embedded commands within the analyzed code.
      • Capability inventory: The agent is granted Bash, Write, and Edit permissions, which could be exploited if malicious code being analyzed contains embedded instructions.
      • Sanitization: Absent. There is no mention of escaping or validating the contents of the files being read.
  • [Command Execution] (SAFE): The skill is granted access to the Bash tool. Analysis of the instructions confirms its intended use is limited to discovery searches and Grep operations for code analysis, which is consistent with its primary purpose as a test generation tool. No execution of remote or dynamically generated scripts was detected.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:28 PM