The Agent Skills Directory

PROMPT_INJECTION (LOW): Indirect prompt injection risk via data ingestion.
Ingestion points: Reads package.json, .env.example, docker-compose.yml, and git diffs (e.g., auth.service.ts).
Boundary markers: None explicitly defined in the prompt logic to differentiate between code structure and embedded malicious instructions.
Capability inventory: The skill uses Read, Write, Edit, and Grep tools to modify project files.
Sanitization: No evidence of sanitization or escaping of external content before it is processed by the LLM to suggest README updates.

readme-updater