generate-artifacts
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and installs several Node.js packages from the npm registry, including "@aptx/frontend-tk-cli", "@aptx/api-client", "@aptx/api-query-react", and "@aptx/api-query-vue". These resources are owned by the skill's author and are essential for its stated code-generation functionality.
- [COMMAND_EXECUTION]: The skill executes the "pnpm exec aptx-ft" command to run its generation logic. Additionally, it uses shell utilities such as "ls" and "cat" to inspect the local filesystem for "package.json" files and directory structures to determine project configurations during the discovery phase.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from external files to influence its behavior.
  - Ingestion points: Reads "openapi.json" for API definitions and "package.json" for project metadata used in command parameters.
  - Boundary markers: There are no explicit instructions or delimiters used to separate the external file content from the agent's core instructions.
  - Capability inventory: The skill has the ability to execute CLI tools ("pnpm exec"), list directory contents ("ls"), and read files ("cat").
  - Sanitization: The skill does not implement validation or sanitization for the content extracted from the OpenAPI or package configuration files before use.
Audit Metadata