The Agent Skills Directory

[SAFE]: The skill implements its stated functionality using standard template-based code generation. No suspicious network operations, hardcoded credentials, or obfuscated code were found. The tool scaffolds feature-based architecture for Spring Boot 3 applications, separating domain, application, and infrastructure layers according to established architectural patterns. All operations are local and triggered by explicit agent actions.\n- [PROMPT_INJECTION]: The skill processes external entity specifications (JSON/YAML) via the generate_crud_boilerplate.py script. This presents an indirect prompt injection surface where instructions could be hidden in metadata or field names within the specification file. However, the script uses string.Template.safe_substitute for interpolation, which mitigates direct code execution risks during the rendering process.\n
Ingestion points: scripts/generate_crud_boilerplate.py reads file content from the --spec argument provided at runtime.\n
Boundary markers: Not explicitly implemented in the template rendering logic.\n
Capability inventory: The skill has access to Write, Bash, and Edit tools, allowing it to modify the filesystem based on user input.\n
Sanitization: Identifier names are validated for PascalCase format to ensure they represent valid Java class names, but the script otherwise relies on the integrity of the provided specification file.

spring-boot-crud-patterns