The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes a local bash script (scripts/gather_metadata.sh) that automates codebase analysis by calling common CLI tools such as git, node, find, grep, and wc.
[DATA_EXFILTRATION]: The metadata script extracts information from the local project environment, including repository origin URLs and the presence of configuration files like .env. While this data is processed by the agent, the skill contains explicit safety guidelines preventing the inclusion of actual secrets or credentials in the output briefing.
[PROMPT_INJECTION]: The skill reads arbitrary files from the user's project directory (documentation, source code), creating a surface for indirect prompt injection. This risk is acknowledged as part of the exploration task and is mitigated by the structured constraints of the briefing template.

project-onboarding