devstudio
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by parsing external plugin files.
  - Ingestion points: Monitors and parses user-provided files (plugin.json, .md) in the project directory via the FileWatcher and HotReloader components.
  - Boundary markers: Structural validation is performed on JSON and YAML, but no specific delimiters are defined to isolate untrusted content from agent instructions.
  - Capability inventory: The skill is authorized to use the Bash, Read, Write, Edit, Glob, and Grep tools.
  - Sanitization: The HotReloader validates file formats and required fields but does not filter content for embedded instructions.
- [COMMAND_EXECUTION]: The workflow uses the Bash tool to scaffold projects and to execute vendor-provided development commands such as /mp:dev.
Audit Metadata