The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill is designed to discover and read the frontmatter of other local SKILL.md files to generate documentation, creating a surface for untrusted local data to influence the agent. * Ingestion points: File discovery and reading of frontmatter from .claude/skills and plugins subdirectories. * Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore instructions within the summarized content. * Capability inventory: File system discovery (find, ls), symlink creation (ln -s), and markdown file generation. * Sanitization: Absent; the skill summarizes found metadata without validation.
Command Execution (SAFE): Employs standard shell commands (find, ls, ln) to locate and link local documentation files. These actions are restricted to the local filesystem and project-specific paths, posing no significant security risk in this context.

agents-md