peach-setup-harness

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands (cat, ls, grep, head) to inspect the project structure, detect technology stacks (Koa vs Elysia, MySQL vs PostgreSQL), and audit the contents of configuration files like CLAUDE.md and AGENTS.md.
  • [COMMAND_EXECUTION]: Per its defined workflow, the skill modifies the local file system by cleaning up CLAUDE.md, updating AGENTS.md with template content, and deleting legacy configuration directories like .cursor/rules/.
  • [DATA_EXFILTRATION]: The skill inspects the project's environment file (api/env.local.yml) using grep to identify the database provider. This is used for configuration purposes only, and no data is transmitted to external servers.
  • [PROMPT_INJECTION]: The skill processes untrusted external data by reading and potentially incorporating sections of CLAUDE.md and AGENTS.md into the agent's context. While this presents an attack surface for indirect prompt injection, the skill's logic focuses on replacing redundant content with trusted internal templates.
      (1) Ingestion points: CLAUDE.md, AGENTS.md, and source code files (controller/dao) are read during the analysis phase.
      (2) Boundary markers: No explicit boundary markers or 'ignore' instructions are used when processing existing file content.
      (3) Capability inventory: The skill has the capability to read files (cat), list directories (ls), and delete files/directories (rm).
      (4) Sanitization: No sanitization or validation of the input file content is performed before processing.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 28, 2026, 06:16 AM