brainstorming

Warn

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: MEDIUM

Findings: PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill uses high-pressure, mandatory instructions ("CRITICAL: First Action", "THIS MUST BE YOUR FIRST ACTION", "Do NOT... do anything else") to force the agent into a specific execution loop before it can evaluate the user request or project context. This overrides the agent's autonomous decision-making and default exploration behavior.
  • [COMMAND_EXECUTION]: The instructions require the immediate execution of a local shell script (setup-superpower-loop.sh) with the $ARGUMENTS variable passed directly as a command-line parameter. Since $ARGUMENTS contains arbitrary user input, this pattern facilitates command injection if the underlying script does not implement robust input validation or proper escaping.
  • [DATA_EXFILTRATION]: The skill launches research sub-agents which are tasked with both codebase exploration and performing web searches. This creates a risk where project-specific details, architectural patterns, or proprietary logic can be inadvertently leaked to third-party search providers through the generated search queries.
  • [EXTERNAL_DOWNLOADS]: The skill relies on external data fetched via WebSearch to inform design decisions and populate documentation. This content is integrated into the project's documentation files without specified sanitization or filtering, creating a surface for indirect prompt injection from malicious or poisoned web content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 1, 2026, 04:45 AM