curate-skills
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and processes natural language content from external skill files (SKILL.md, README.md) to determine quality scores and lifecycle status. Malicious instructions within those files could attempt to override the auditor's logic.
  - Ingestion points: The skill reads metadata and documentation from all subdirectories within the target skills_directory (SKILL.md).
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard embedded commands in the audited files.
  - Capability inventory: The skill has the authority to write to the filesystem, modifying agent.yaml and README.md files and creating an ASQM_AUDIT.md report (SKILL.md).
  - Sanitization: No sanitization or validation logic is defined to filter out adversarial instructions from the audited content.
- [COMMAND_EXECUTION]: The skill is designed to perform automated file system modifications, specifically updating configuration files (agent.yaml) and documentation (README.md) for each detected skill, as well as generating a repository-wide audit summary (ASQM_AUDIT.md). These actions are consistent with its meta-management purpose.
Audit Metadata