plugin-lifecycle

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM; COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill performs destructive operations using shell commands on paths constructed through variable interpolation. Evidence: In references/installation-process.md, references/uninstallation-process.md, and references/mode-4-destroy.md, the rm -rf command is executed on paths incorporating the PRODUCT_NAME variable, which is parsed from a project-level file.
  • COMMAND_EXECUTION (MEDIUM): The skill terminates a macOS system background service. Evidence: references/cache-management.md executes killall AudioComponentRegistrar to force a rebuild of the Audio Unit database.
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection via the project metadata it processes.
      • Ingestion points: Data is ingested from plugins/$PLUGIN_NAME/CMakeLists.txt and PLUGINS.md.
      • Boundary markers: Absent; external data is interpolated directly into shell script strings.
      • Capability inventory: Bash with permissions to copy, remove, and modify files.
      • Sanitization: Employs basic sed and grep for string extraction, which does not provide security-grade sanitization against path traversal or shell metacharacter injection if the input files are crafted by an attacker.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:17 PM