convergence-loop

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes data from an external 'gap report' to generate tests and code fixes, creating an indirect prompt injection surface.
      * Ingestion points: Reads reports from the gap-analysis skill in the ANALYZE phase.
      * Boundary markers: Lacks delimiters to separate untrusted report data from core instructions.
      * Capability inventory: Can write to source files, create new test files, and execute system commands.
      * Sanitization: No evidence of validation or filtering for processed report data before code generation.
  • [COMMAND_EXECUTION]: The skill runs shell commands (e.g., pytest, swift test) to execute code it generates at runtime, which is a potential risk if the code generation process is compromised.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 01:37 PM