code-silent-degradation

Warn

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses dynamic context injection (the `!command` syntax) in the SKILL.md file to execute shell commands automatically when the skill is loaded. This allows for automated reconnaissance without user intervention or explicit approval of the specific commands.
  • [DATA_EXFILTRATION]: Automated discovery via dynamic context specifically targets sensitive files such as .env, config.*, and settings.*. Identifying these files is a critical step in credential discovery and potential exfiltration.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from the source code it analyzes. Ingestion points: Processes untrusted source files (.ts, .py, .go, etc.) using the Grep and Read tools. Boundary markers: Absent; there are no instructions or delimiters directing the agent to ignore potentially malicious embedded instructions in the scanned code. Capability inventory: The skill utilizes Write and Edit tools to modify the file system based on the analysis results. Sanitization: Absent; content read from source files is not validated or escaped before it influences the agent's logic for applying fixes.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 14, 2026, 01:24 PM