The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes make validate and bash dev/validate_skills.sh. These commands are used to check the integrity and specification compliance of skills within the repository. This is standard behavior for a development-focused tool.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it reads and modifies external SKILL.md files which could contain malicious instructions designed to subvert the agent's validation logic.
Ingestion points: Reads and analyzes the content of other SKILL.md files and directory structures in the repository during the validation loop.
Boundary markers: Absent; there are no specific delimiters or instructions provided to the agent to treat the content of the validated files as untrusted data rather than instructions.
Capability inventory: The skill has the capability to execute shell commands and write changes to the filesystem to fix validation errors.
Sanitization: Absent; the skill does not implement sanitization or validation logic to filter potentially malicious text within the skills it processes.

validate-fix