Getting Started with Skills
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- PROMPT_INJECTION (MEDIUM): The skill contains mandatory behavioral instructions, specifically requiring the agent to announce that the guide has been read in the first response and forcing the use of TodoWrite for checklists.
- COMMAND_EXECUTION (MEDIUM): The 'Mandatory Workflow 1' requires the agent to execute a local bash script located at ~/.claude/skills/getting-started/skills-search, which allows the skill to initiate local command execution.
- INDIRECT_PROMPT_INJECTION (HIGH):
  1. Ingestion points: Results from the skills-search script and the synthesis output from the search-agent.md subagent.
  2. Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are provided for processed data.
  3. Capability inventory: The agent has access to bash execution, the Read tool, and the TodoWrite tool.
  4. Sanitization: Absent; there is no requirement to escape or validate content retrieved from past conversations or search results.

  This tier is HIGH due to the combination of processing untrusted historical data with the capability to execute commands and write to the system.