testing-agents-with-subagents

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform local file operations such as reading agent definitions and skill configurations (cat agents/{agent-name}.md, cat skills/{skill-name}/SKILL.md). It also describes running a local evaluation harness using python evals/harness.py. These actions are consistent with the documented purpose of agent development and testing.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests content from agent and skill definition files to generate test inputs for subagents.
      • Ingestion points: Files are read from the agents/ and skills/ directories using the cat command and then used to define test scenarios in the Task tool.
      • Boundary markers: The skill documentation explicitly demonstrates the use of triple-quote blocks (""") for prompt interpolation when calling the Task tool, which provides structural separation between instructions and ingested content.
      • Capability inventory: The skill is granted access to tools including Read, Write, Bash, Grep, Glob, Edit, and Task, which are necessary for its lifecycle management and testing functions.
      • Sanitization: There is no explicit evidence of content sanitization or filtering for the data read from external files before it is passed to the subagent dispatch mechanism.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 05:55 AM