skills/ingpoc/skills/implementation/Gen Agent Trust Hub

implementation

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The script scripts/health-check.sh retrieves a command string from the .claude/config/project.json configuration file and executes it using the eval command. This pattern is designed for flexibility in project-specific health checks but introduces a risk of arbitrary command execution if the local configuration file is modified by an untrusted source.
  • [INDIRECT_PROMPT_INJECTION]: The skill's automation scripts (e.g., for commits and health checks) rely on data from local JSON files like feature-list.json and project.json. Because this data is used in shell execution and commit messages without explicit sanitization, it creates a surface for indirect prompt injection.
  • Ingestion points: Project configuration file (.claude/config/project.json) and feature tracking data (.claude/progress/feature-list.json).
  • Boundary markers: None identified.
  • Capability inventory: Shell command execution (including eval and background jobs), file system modifications via jq, and git repository management.
  • Sanitization: The scripts rely on jq for data extraction but do not perform additional validation on the extracted strings before using them in sensitive operations.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 26, 2026, 09:24 AM