The Agent Skills Directory

[COMMAND_EXECUTION]: Executes local repository commands including grep, ls, and npm run. These actions are necessary for the skill's stated purpose of auditing documentation and verifying dashboard generation.
[PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting and following instructions found in external documentation files.
Ingestion points: Processes content from docs/, README.md, and package.json.
Boundary markers: No explicit delimiters are used to separate documentation content from agent instructions.
Capability inventory: Possesses the ability to read files, execute local npm scripts, and write audit reports to the filesystem.
Sanitization: Documentation content is followed literally without validation or filtering.
[CREDENTIALS_UNSAFE]: Includes instructions to use a mock password (test123) for simulation. While this prevents the use of real secrets during the audit, the environment variable assignment pattern is documented.

first-time-user-dashboard