project-estimator

Warn

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions in SKILL.md direct the AI agent to execute shell commands such as cp and python to copy templates and run scripts.
  • [COMMAND_EXECUTION]: The skill depends on external scripts (unpack.py and pack.py) located at /mnt/skills/public/docx/scripts/ which are not included in the analyzed file set, making their behavior unverifiable.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it interpolates user-provided data, specifically the project name [proyecto], directly into shell command strings. A malicious user could provide a project name containing shell metacharacters (e.g., ; rm -rf /) to execute unauthorized commands.
      • Ingestion points: User project names and functional requirements collected during the estimation workflow.
      • Boundary markers: Absent; user input is directly placed into shell command templates.
      • Capability inventory: Shell command execution via cp and execution of Python scripts via the python interpreter.
      • Sanitization: No sanitization or validation of the project name or other user-supplied variables is specified in the instructions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 26, 2026, 07:34 AM