The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/generate_report.py includes a generate_script method that dynamically assembles shell scripts from template content and applies executable permissions (chmod 0o755) to the resulting files. This allows for the creation of arbitrary executable scripts on the filesystem based on input provided during the report generation process.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes potentially untrusted external test data without sanitization.
Ingestion points: Test result and coverage files located via Glob patterns (e.g., **/junit.xml, **/test-results.json, **/coverage/lcov.info) as specified in the SKILL.md instructions.
Boundary markers: None identified; instructions do not suggest the use of delimiters or 'ignore' instructions when parsing raw test data.
Capability inventory: The skill allows file system writing (Write, Edit) and shell command execution via the Bash tool (restricted to test:report-* patterns).
Sanitization: There is no evidence of filtering, escaping, or validation of test failure messages or stack traces before they are interpolated into Markdown and HTML reports.

generating-test-reports