auto-test-project
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides several Python scripts (create_test_session.py, verify_test_session.py, verify_all_sessions.py, verify_skill.py) that create directories and write files to the local file system within a user-specified project root. The verify_skill.py script specifically executes other internal Python scripts using subprocess.run to perform self-validation.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection attack surface because it is designed to read and analyze arbitrary files from a target project.
  1. Ingestion points: Untrusted project files such as CLAUDE.md, AGENTS.md, and source code files read by the agent during project initialization and analysis.
  2. Boundary markers: The skill uses structured Markdown templates for plans and reports, but does not implement strict delimiters or 'ignore' instructions for all processed data.
  3. Capability inventory: File system modification (write/create) and local script execution via the provided Python utility scripts.
  4. Sanitization: No specific content sanitization or filtering of external project data is performed before it is interpolated into agent prompts.
Audit Metadata