nestjs-drizzle-crud-generator

Warn

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The generator script scripts/generate_crud.py is vulnerable to code injection. It uses string interpolation to build TypeScript source code from JSON input provided at the command line without any sanitization or escaping.
      • Evidence: Functions like generate_table_fields, generate_create_fields, and generate_filter_fields use f-strings to insert field names directly into generated code, such as line = f" {name}: {drizzle_type}('{name}')" in generate_table_fields. A malicious input could break out of the string literal using characters like '); to execute arbitrary TypeScript.
  • [COMMAND_EXECUTION]: The script is vulnerable to path traversal through the module and output directory parameters.
      • Evidence: The --output and --feature arguments are used to construct file paths via Path(base_path) / camel_name. Because the script does not validate these paths or check for parent directory references (e.g., ../), it can be coerced into writing files outside the intended project directory.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from user requests to generate code.
      • Ingestion points: SKILL.md instructs the agent to gather entity names and field lists from user interactions (Step 1).
      • Boundary markers: None present. The instructions do not include delimiters or validation steps for the input JSON.
      • Capability inventory: The skill uses the Write tool to create multiple files across a directory structure and executes a Python script that defines the content of those files.
      • Sanitization: No sanitization, escaping, or schema validation is performed on the feature or fields inputs within scripts/generate_crud.py before they are interpolated into templates.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 25, 2026, 03:20 PM