plugin-master
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a system for 'Hooks' in hooks/hooks.json that allows the execution of local shell scripts (e.g., linting, validation) triggered by agent events like PostToolUse.
- [COMMAND_EXECUTION]: Instructs the agent to query local Git configuration (git config user.name and user.email) to automatically populate metadata in generated plugin manifests.
- [EXTERNAL_DOWNLOADS]: Contains configuration patterns for integrating MCP servers by fetching packages from the npm registry using 'npx -y' (e.g., @stripe/mcp-server).
- [PROMPT_INJECTION]: The skill defines agent templates that ingest untrusted data (Category 8 indirect prompt injection surface).
  1. Ingestion points: Agents in references/component-patterns.md use Read, Glob, and Grep tools to ingest content from user files.
  2. Boundary markers: Absent in templates; user data is interpolated into prompts without explicit delimiters.
  3. Capability inventory: The skill permits shell execution via hooks and file writing via the Write tool as documented in examples/full-plugin.md.
  4. Sanitization: Absent in the simplified template examples provided.
Audit Metadata