architecture-governance
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (LOW): The reference file 'references/project-initial-analysis.md' suggests using package managers through commands like 'npm install' and 'pip install -r requirements.txt'. While these are standard build tools, they facilitate the download and installation of external packages. The risk is minimized because they are provided as generic templates for legitimate project analysis purposes.
- Indirect Prompt Injection (LOW): The skill performs '项目全景扫描' (full-scale project scanning), which ingests file content and metadata from untrusted codebases. Evidence Chain (Category 8):
  1. Ingestion points: Scanning of project directories and file contents (SKILL.md).
  2. Boundary markers: No explicit delimiters are used to separate ingested data from agent instructions.
  3. Capability inventory: The skill allows for file system reading and shell command execution (mvn, npm, python).
  4. Sanitization: No sanitization or validation of project content is described.
- Dynamic Execution (LOW): The skill provides templates for running local project code, such as 'npm start' and 'python manage.py runserver', which results in the execution of code located within the environment being analyzed.
Audit Metadata