neldivad-blueprint-instantiator

Warn

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: MEDIUM
Flags: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The workflow in SKILL.md (Phase 2.5) explicitly instructs the agent to search for and install external skills using the command npx skills add <owner/repo@skill> -g -y. This allows for the dynamic installation and execution of arbitrary code from remote repositories on the host system.
  • [EXTERNAL_DOWNLOADS]: The skill fetches tools and configuration from the vercel-labs organization on GitHub. This is documented as a neutral operation as the source is a well-known and trusted service provider.
  • [PROMPT_INJECTION]: The skill implements an architecture that processes untrusted user input (SaaS project ideas and requirements) and interpolates it into persistent system-level documentation such as .cursorrules and CLAUDE.md. These files are intended to guide the behavior of AI agents in subsequent sessions, creating a risk of indirect prompt injection if a user provides malicious instructions during the setup phase.
      ◦ Ingestion points: User responses collected during the Phase 1 Q&A script (01-qna-script.md).
      ◦ Boundary markers: None identified; user input is directly inserted into template placeholders such as {{PROJECT_NAME}} and {{ONE_LINER}}.
      ◦ Capability inventory: The skill writes files, installs external packages/skills, and executes shell commands for project initialization.
      ◦ Sanitization: No evidence of input validation, escaping, or "ignore instructions" delimiters for external content was found in the templates.
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands to manage project state and dependencies, including npx skills add, npm run, and database migration commands. The use of the -y flag in installation commands bypasses user confirmation prompts during the automated workflow.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 26, 2026, 06:19 PM