oss-ready
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard shell commands including `git`, `cp`, `mkdir`, and `sed` to synchronize the repository and manage project files. These operations are scoped to the skill's primary function of repository standardization.
- [PROMPT_INJECTION]: Instructions explicitly direct the agent to use the `cp` command to move specific documents (CODE_OF_CONDUCT.md and SECURITY.md) rather than reading and writing their content. This is done to avoid triggering LLM content filters on terminology necessary for these documents. While used for a legitimate purpose here, this represents a known technique for circumventing platform safety guardrails.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it ingests and analyzes the project's source code to generate descriptive documentation. This could allow malicious instructions embedded in the project files to influence the agent's behavior or output.
  - Ingestion points: Local project source files and package manifest files (Step 1 in SKILL.md).
  - Boundary markers: None identified in the workflow for separating project content from agent instructions.
  - Capability inventory: File system modification access (`cp`, `sed`, `mkdir`) and git synchronization capabilities (`git pull`).
  - Sanitization: No sanitization or validation of the analyzed source code content is performed.
Audit Metadata