The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection when processing specification files. Ingestion points: API specifications are ingested from the {baseDir}/api-specs/ directory as defined in SKILL.md. Boundary markers: The skill does not provide instructions to the agent to ignore or delimit instructions found within the specifications. Capability inventory: The skill has the capability to write to the source directory via the Write tool and execute prefixed shell commands via Bash(api:log-*). Sanitization: No sanitization or validation of the specification content is mentioned or implemented.
[COMMAND_EXECUTION]: The skill uses the Bash tool restricted to the api:log-* namespace. This prefixing provides a significant security control by limiting the agent to a specific set of vendor-defined commands and preventing the execution of arbitrary system utilities.

logging-api-requests