The Agent Skills Directory

[COMMAND_EXECUTION]: The skill relies heavily on bash scripts to perform file system traversal, search for patterns using grep/sed, and verify file existence.
Evidence includes multiple steps using find, grep, and realpath to process project files.
Step 3 executes Rscript -e "installed.packages()[,'Package']" to inspect the local environment for installed R packages.
[EXTERNAL_DOWNLOADS]: Step 2 implements an external URL checker using curl to verify the status codes of links found in documentation.
The script iterates through URLs extracted from project files and performs network requests: curl -o /dev/null -s -w "%{http_code}" "$url".
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interprets content from the project being analyzed to drive its logic.
Ingestion points: The skill reads all markdown (.md), JavaScript/TypeScript (.js, .ts, .jsx, .tsx), Python (.py), and R (.R) files within the project_path provided as input.
Boundary markers: No boundary markers or "ignore instructions" delimiters are used when processing extracted content.
Capability inventory: The skill is granted Read, Write, Edit, and Bash permissions, which provide a significant capability set if the agent is misled by malicious content.
Sanitization: There is no evidence of sanitization or validation for the strings extracted from files (links, import paths) before they are passed into shell scripts or used to perform file edits.

repair-broken-references