The Agent Skills Directory

[COMMAND_EXECUTION]: The skill manages development servers by executing shell-level commands.
Evidence: tools/server-manager.ts uses Bun.spawn to launch server commands (e.g., bun run dev) and uses kill to terminate processes identified via lsof.
Scope: Execution is limited to scripts defined in the project's package.json or provided via user-supplied CLI arguments for server management.
[EXTERNAL_DOWNLOADS]: The skill interacts with local and external network resources for verification and design fetching.
Evidence: tools/playwright-runner.ts automates browser sessions to visit local or remote URLs to capture screenshots and logs.
Evidence: workflows/implement-feature.md outlines integration with the Figma API to retrieve design specifications.
[PROMPT_INJECTION]: The skill possesses an attack surface for Indirect Prompt Injection (Category 8) due to its processing of untrusted external content.
Ingestion points: The skill ingests data from Figma APIs, web page console logs, and rendered UI screenshots.
Boundary markers: Visual verification prompts (e.g., in workflows/verify-visual.md) do not include explicit instructions to the vision model to ignore instructions embedded within the screenshots or logs.
Capability inventory: The agent has access to subprocess execution (Bun.spawn), file system modifications, and browser automation.
Sanitization: There is no evidence of sanitization for error logs or text extracted from web pages before they are used to influence the development loop logic.

design-implementation