containerization-rules

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The SKILL.md file contains a mandatory 'Memory Protocol' section that instructs the agent to run the shell command cat .claude/context/memory/learnings.md at the start of its task. This reads a local file into the agent's context to recover previous learnings, so the skill performs local file system access via command execution.
  • [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection: it reads Dockerfiles from the repository into the model's context, so instructions embedded in a Dockerfile (for example in comment lines) could influence the agent's behavior.
  • Ingestion points: The skill is configured to ingest and process files matching the **/Dockerfile glob pattern, as specified in SKILL.md and schemas/input.schema.json.
  • Boundary markers: The instructions define no explicit boundary markers or XML-style tags to separate ingested file content from the agent's system instructions, and contain no 'ignore embedded instructions' directive.
  • Capability inventory: The skill has significant capabilities: the Read, Write, and Edit tools, and the bundled scripts/main.cjs uses the Node.js fs module for file system operations.
  • Sanitization: There is no evidence that Dockerfile content is sanitized, validated, or escaped before it is passed to the model.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 02:59 AM