The Agent Skills Directory

[COMMAND_EXECUTION]: The scripts/generate_report.py script implements a generate_script method that dynamically writes a bash script to the disk and uses file_path.chmod(0o755) to make it executable. This represents a security risk because the content of the generated script is derived from the template argument, which can be influenced by user-provided input or external configuration, potentially allowing for arbitrary command execution.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface with the following characteristics:
Ingestion points: Reads configuration files from {baseDir}/config/ and processes project source code and coverage data in scripts/analyze_coverage.py and scripts/find_untested_code.py.
Boundary markers: No boundary markers or specific 'ignore' instructions are present to delimit untrusted data from the agent's instructions.
Capability inventory: The skill has permissions to write files, execute bash commands via the Bash(test:coverage-*) tool, and generate executable shell scripts.
Sanitization: There is no evidence of sanitization, validation, or escaping of the content ingested from the external project files or configurations before it is used in the workflow.

analyzing-test-coverage