arize-prompt-optimization

Warn

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions and specific command sequences that modify the user's shell configuration files (such as ~/.zshrc and ~/.bashrc) to persist environment variables like ARIZE_SPACE_ID. Automated or guided modification of shell startup scripts is a persistence mechanism: anything appended there runs in every future interactive shell, so the user should review the exact lines added rather than accept the edit blindly.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by interpolating untrusted production data into a prompt that is then sent to another LLM.
  • Ingestion points: Untrusted data enters the agent context through CLI-exported trace data and experiment results read from trace_*/spans.json, dataset_*/examples.json, and experiment_*/runs.json. Any user or upstream system whose traffic lands in those traces can therefore place text into the optimization prompt.
  • Boundary markers: The optimization meta-prompt uses structural headers (e.g., PERFORMANCE DATA) but does not instruct the model to treat the embedded records as data only, and does not escape or delimit instruction-like text that may be present inside the trace records.
  • Capability inventory: The skill uses the ax CLI tool, jq for JSON manipulation, and shell commands for file system and environment variable operations.
  • Sanitization: No sanitization or validation of the ingested trace data is performed before it is concatenated into the meta-prompt for the optimization phase.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 2, 2026, 01:04 AM