baoyu-infographic

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes Bash shell commands (test -f) in SKILL.md to check for configuration files in the project-local .baoyu-skills/ directory and the user's $HOME directory. These commands are restricted to checking file existence for the skill's own preferences and do not process untrusted input or perform sensitive system changes.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it incorporates external, untrusted content into the instructions for an image generation agent.
      • Ingestion points: External data is ingested from user-provided file paths or direct clipboard pastes during the Step 1.2 analysis phase in SKILL.md, and preferences are loaded from EXTEND.md.
      • Boundary markers: The prompt template in references/base-prompt.md lacks delimiters or protective instructions to prevent embedded commands in the source content from being interpreted by the model.
      • Capability inventory: The skill has file system write access for saving analysis and prompt files, and it can invoke external image generation skills.
      • Sanitization: No validation or escaping of the source material is performed before it is included in the final generation prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 05:53 AM