artifacts-builder
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell scripts to automate project setup and bundling. The scripts/init-artifact.sh script performs project initialization and configuration, including the global installation of the pnpm package manager if not present. The scripts/bundle-artifact.sh script manages the build and inlining of assets into a single HTML file.
- [EXTERNAL_DOWNLOADS]: Both scripts download numerous standard development dependencies from the official NPM registry, a well-known service. This includes the Vite build tool, Tailwind CSS, the Parcel bundler, and over 40 UI components from the shadcn/ui and Radix UI libraries.
- [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection via the project name parameter.
  * Ingestion points: The argument in scripts/init-artifact.sh.
  * Boundary markers: None present.
  * Capability inventory: File system access and shell command execution across the initialization and bundling scripts.
  * Sanitization: The project name is not sanitized before being injected into the HTML title tag, allowing for potential HTML injection in the generated artifact.
Audit Metadata