quarkus-module-build

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to construct and execute shell commands (find, mvn, cd) using input directly derived from $ARGUMENTS. While the implementation includes a parsing step to split input by spaces, it lacks explicit escaping or sanitization for shell metacharacters such as semicolons (;), pipes (|), or backticks (`). This could allow a malicious module name to execute unintended commands in the local environment.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by processing untrusted user input through the $ARGUMENTS variable and interpolating it into both local shell commands and subagent prompts.
      • Ingestion points: User input enters via the $ARGUMENTS variable in SKILL.md.
      • Boundary markers: No explicit boundary markers or 'ignore embedded instructions' warnings are used when passing module names to subagents.
      • Capability inventory: The skill has the capability to execute shell commands (find, mvn) and dispatch subagents with specific instructions.
      • Sanitization: The skill performs basic whitespace splitting and filtering of the word 'and', but does not provide logic to sanitize against shell control characters or prompt-level injection attacks.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 10:28 AM