The Agent Skills Directory

COMMAND_EXECUTION (MEDIUM): Flag injection vulnerability in 'find' usage. The script uses 'find "${PROJECT_ROOT}"' in multiple validation checks (lines 58, 105, and 120). Because the 'find' utility interprets any argument starting with a hyphen as an expression or option rather than a path, a malicious input such as '-delete' would cause 'find' to delete files in the current directory instead of searching them. This is a common security pitfall in shell scripts. Mitigate by using './"${PROJECT_ROOT}"' to ensure the argument is treated as a path.\n- INDIRECT_PROMPT_INJECTION (INFO): The script performs static analysis on local source code and prints results to stdout. This creates an indirect prompt injection surface if an AI agent is used to interpret the results of the scan, as malicious instructions could be embedded in the comments or code of the files being scanned.\n
Ingestion points: Source code files (.tsx, .jsx, .vue, .svelte) read via 'grep' and 'find' within the directory specified by '${PROJECT_ROOT}'.\n
Boundary markers: The script does not use specific delimiters or headers to distinguish between its own logic and the data it extracts from files.\n
Capability inventory: Read-only access to local files via 'grep' and 'find'. No network or file-write capabilities are explicitly defined, though the 'find' flag injection provides a primitive for file deletion.\n
Sanitization: None; the script prints raw file contents or matching lines directly.

component-architecture