python-project

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on 'uv run' to execute scripts, tests, and development tools. This behavior is expected for a project management tool, but it grants the agent the capability to run arbitrary code defined in the local environment or in project configuration files.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of Python packages from external registries via 'uv add'. It also references the 'astral-sh/setup-uv' GitHub Action for CI/CD workflows, which is a trusted source from the tool's creators.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). Evidence:
    1. Ingestion points: 'pyproject.toml' and 'uv.lock' files in the project root.
    2. Boundary markers: None defined to separate project metadata from agent instructions.
    3. Capability inventory: File system access, network access (via uv), and subprocess execution ('uv run').
    4. Sanitization: No explicit validation or sanitization of project configuration data before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 07:56 AM