coding-fingerprint-wizard
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted code from external repositories to extract patterns. This creates a surface for indirect prompt injection, where an attacker could place instructions in code comments or documentation to manipulate the analysis outcome.
  - Ingestion points: Files from user-provided example projects are read during the 'Discover' phase as defined in SKILL.md and analysis-worksheet.md.
  - Boundary markers: The sub-agent prompt skeleton in analysis-worksheet.md lacks explicit instructions to ignore instructions found within the data being analyzed.
  - Capability inventory: The skill facilitates file reading, writing to the _working/ directory, and spawning sub-agents via the coordinator.
  - Sanitization: There is no evidence of sanitization or filtering of the ingested code content before it is passed to the analysis sub-agents.