skills/iankiku/forwward-teams/start/Gen Agent Trust Hub

start

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local initialization script located at ${CLAUDE_PLUGIN_ROOT}/scripts/cli init. This is a routine operation for setting up the agent's environment within the platform.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it reads and processes data from untrusted local project files to build a user profile and determine next steps. Malicious instructions embedded in these files could potentially influence the agent's recommendations.
      • Ingestion points: The agent reads content from README.md, package.json, pyproject.toml, CLAUDE.md, and AGENTS.md in the current working directory.
      • Boundary markers: No specific delimiters or instructions are provided to the agent to ignore potential malicious prompts within these files.
      • Capability inventory: The skill has the ability to execute shell commands (cli init) and read various files across the filesystem.
      • Sanitization: There is no evidence of content sanitization or validation performed on the data retrieved from the project files before it is used to influence agent state.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 10, 2026, 08:20 PM