The Agent Skills Directory

[COMMAND_EXECUTION]: Uses bash and standard filesystem utilities (ls, find, grep) to analyze directory structures and identify platform-specific files during the detection phase.
[COMMAND_EXECUTION]: Employs Edit capabilities on configuration files (jaan-to/config/settings.yaml) and template files within the context directory to perform 'Seed Reconciliation,' allowing the agent to update local project settings based on its analysis results.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted content from the target repository.
Ingestion points: The skill extracts text strings from a wide variety of repository files, including localization files (.json, .yml, .po, .xlf) and UI source code (.jsx, .tsx, .vue, .svelte).
Boundary markers: There are no explicit markers or 'ignore' instructions defined in the workflow to treat extracted strings as inert data, potentially allowing malicious instructions embedded in the repository to influence agent behavior.
Capability inventory: The agent has access to bash for command execution, Write operations for output generation, and Edit operations for modifying configuration and context files.
Sanitization: Extracted strings are analyzed by the reasoning engine without prior sanitization or validation for embedded instructional content.

detect-writing