external-model-selection
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute the claudish CLI for consulting external models, specifying a 10-minute timeout (600,000ms) for these operations to handle external API response times.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the transfer of local project data, including source code, tests, and documentation, to external AI providers such as OpenAI, Google, and xAI. These are recognized as well-known technology services and the data transfer is part of the skill's intended functionality.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes entire codebases through external models without explicit sanitization or boundary markers.
- [PROMPT_INJECTION]: Ingestion points: The skill reads local files from the pkg/, tests/, and ai-docs/ directories as well as investigation-prompt.md.
- [PROMPT_INJECTION]: Boundary markers: The instructions do not specify the use of clear delimiters or instructions to ignore embedded commands when passing file content to external models.
- [PROMPT_INJECTION]: Capability inventory: The skill leverages the Bash tool for shell execution and filesystem operations in the ai-docs/ sessions directory.
- [PROMPT_INJECTION]: Sanitization: No evidence of validation, escaping, or filtering of codebase content is present before transmission to external APIs.
Audit Metadata