exp-assertion-quality
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted test and production code provided by the user (Ingestion points: SKILL.md Step 1). It lacks explicit boundary markers or sanitization for this external content (Boundary markers/Sanitization: Absent). The skill's capabilities are limited to reading files and generating reports (Capability inventory: Reading files). While this pattern represents an indirect prompt injection surface where instructions hidden in the processed code could attempt to influence the agent, the absence of execution, network access, or persistence tools makes this a low-risk architectural observation.