ecosystem-integrity-scanner

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/main.cjs file utilizes child_process.execSync to run a local Node.js script located at a specific path (scripts/validation/validate-ecosystem-integrity.cjs). The execution is performed with shell: false, which prevents shell-related injection vulnerabilities by bypassing the command shell and executing the process directly.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) because it is designed to read and analyze various files within the framework, including agent frontmatter and source code.
    • Ingestion points: Data enters the agent context through the outputs of Glob, Grep, and the validation script which parse project files.
    • Boundary markers: Findings are organized into a structured markdown report as defined in SKILL.md, although no specific adversarial-resistant delimiters are used for raw file content.
    • Capability inventory: The skill utilizes the Bash, Read, Glob, and Grep tools, and the associated script has the ability to execute local Node.js files.
    • Sanitization: The scripts/main.cjs file implements a strict regex whitelist that only extracts lines matching specific error tags (e.g., [PHANTOM_REQUIRE], [PHANTOM_SKILL]), which prevents arbitrary text from being interpreted as instructions by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 09:20 AM