ln-635-test-isolation-auditor

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill is configured to fetch markdown templates, contracts, and reference guides from the author's public GitHub repository (levnikolaevich/claude-code-skills) if they are not present in the local environment. This is used for retrieving audit criteria and reporting templates.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform several operations, most notably running the project's test suite multiple times to detect flaky tests or order-dependency issues. It also uses Grep and Glob to scan the codebase for isolation violations such as real database connections or unmocked API calls.
  • [DATA_EXFILTRATION]: While the skill reads sensitive configuration files (like connection strings) and has network access to fetch templates, it does so for the purpose of auditing and reporting within the local environment. No patterns were found indicating the exfiltration of this data to external servers.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the codebase being audited (test files, metadata). There is an inherent risk of indirect prompt injection if those files contain malicious instructions, but the skill includes specific workflows (like the two-layer detection methodology) to help the agent maintain context and focus on its primary auditing task.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 05:48 PM