The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the Bash tool to execute the whoami command or read the USER environment variable. This is used to automatically populate the 'Author' field in the generated PRD document metadata.- [DATA_EXFILTRATION]: While not exfiltrating data to a remote server, the skill retrieves the local system username and writes it into a PRD file that may be shared or committed to a repository.- [INDIRECT_PROMPT_INJECTION]: The skill's primary function involves reading and analyzing untrusted source code provided by a user. It lacks specific delimiters or instructions to ignore potential malicious prompts embedded within code comments or string literals.
Ingestion points: Step 2 (深度阅读该功能模块的相关代码) reads file content using the Read tool.
Boundary markers: Absent; there are no instructions to the model to ignore instructions found within the code being analyzed.
Capability inventory: The skill has access to Write, Edit, and Bash tools, which could be misused if the model follows instructions found in analyzed files.
Sanitization: Absent; the skill does not perform validation or escaping of the ingested code content before processing.

prd