file-operations

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it reads external file data which may contain malicious instructions.
      1. Ingestion points: The Read and Grep tools in SKILL.md ingest file contents into the agent context.
      2. Boundary markers: Absent; there are no instructions to delimit or ignore embedded instructions within processed files.
      3. Capability inventory: The skill utilizes shell commands including find, wc, stat, and du.
      4. Sanitization: Absent; the skill does not specify any validation or filtering of the file data it retrieves.
  • [COMMAND_EXECUTION] (SAFE): The skill provides templates for standard Unix utilities to perform file metadata analysis.
      Evidence: Includes stat, ls, wc, and du for gathering statistics.
      Context: These operations are consistent with the skill's primary purpose and are used in a non-destructive, read-only manner.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:25 PM