The Agent Skills Directory

[COMMAND_EXECUTION]: The documentation describes tools and structures that allow agents to execute arbitrary shell commands, such as the Bash tool and MCP server startCommand and installCommand configurations.- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of external software through npmDependencies, pipDependencies, and npx commands for fetching MCP servers like @anthropic-ai/mcp-server-filesystem.- [PROMPT_INJECTION]: The architecture relies on interpolating instructions into prompts for commands and subagents, creating a surface for indirect prompt injection when processing untrusted data.
Ingestion points: Agent memory files (agentMDFile), workspace files, and outputs from tools or MCP servers.
Boundary markers: The documentation does not explicitly detail the use of delimiters or 'ignore' instructions to isolate data from instructions.
Capability inventory: Includes Bash tool, file modification (Write, Edit), and package installation.
Sanitization: No specific sanitization or validation logic is presented for handling external content within prompts.- [NO_CODE]: The skill consists entirely of markdown documentation and type definitions, containing no executable scripts or code to analyze directly.

Agent Design 2