skills/ionfury/homelab/sync-claude/Gen Agent Trust Hub

sync-claude

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill incorporates an indirect prompt injection surface by reading and processing the contents of documentation files, such as CLAUDE.md and SKILL.md, through downstream AI agents. These files, which may be modified by external contributors, could contain malicious instructions.
      - Ingestion points: Documentation files discovered in the repository, including **/CLAUDE.md and .claude/skills/*/SKILL.md.
      - Boundary markers: Absent; the agent prompts in the skill definition do not use delimiters or instructions to distinguish the analyzed documentation from the agent's instructions.
      - Capability inventory: The skill executes shell commands (git, find, grep), reads local files, and generates proposed edits via an Opus agent.
      - Sanitization: Absent; content from the filesystem is passed to the agents without filtering or validation.
  • [COMMAND_EXECUTION]: The skill executes various standard shell commands via Bash scripts to perform file discovery and content extraction. This includes the use of git diff, find, grep, and cat. These operations are necessary for the skill's primary function but represent a standard command execution surface within the user's local environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 03:02 PM