The Agent Skills Directory

[PROMPT_INJECTION]: The skill is designed to process user-selected code through the ${selection} placeholder. This creates an attack surface for indirect prompt injection, where instructions hidden in the analyzed code could attempt to manipulate the agent's output.
Ingestion points: SKILL.md (via ${selection} placeholder).
Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt template.
Capability inventory: None. This skill consists entirely of markdown instructions and does not include scripts, network operations, or file system access tools.
Sanitization: No input validation or sanitization of the ${selection} content is defined in the instructions.

dotnet-best-practices