license-auditor

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script src/index.ts executes npm list using execSync. This is the primary method for gathering dependency information but involves subprocess execution on the host environment.
  • [PROMPT_INJECTION]: The SKILL.md file includes instructions about a 'Knowledge Protocol' that makes claims about secret handling and data leakage prevention. These instructions attempt to override or define agent behavior regarding sensitive data and should be treated as data rather than authoritative security controls.
  • [PROMPT_INJECTION]: The skill processes untrusted data from package manifests, creating a surface for potential indirect injection if the resulting report is interpreted by an LLM.
    • Ingestion points: src/index.ts parses the output of the npm list command, including package names, versions, and licenses.
    • Boundary markers: The skill does not use specific delimiters or instructions to prevent the agent from obeying strings found in the dependency data.
    • Capability inventory: The skill can execute shell commands (execSync) and write files (safeWriteFile).
    • Sanitization: No sanitization or validation is performed on the dependency names or license fields before they are processed or written to the output.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 10:21 PM