The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where user-provided feature names and package identifiers are interpolated into file system paths and source code content without sanitization.
Ingestion points: The feature_name, package, and output arguments in scripts/arch_generator.py are derived from user input provided to the AI agent.
Boundary markers: The script lacks delimiters or explicit instructions to isolate user-supplied strings from the file path construction logic.
Capability inventory: The script possesses the capability to create directories recursively (Path.mkdir) and write arbitrary text to the local filesystem (Path.write_text) across multiple project layers (ui, data, domain, di).
Sanitization: No validation or escaping is performed to prevent path traversal characters (e.g., ../) from being used in the feature name, which could allow writing files to unintended locations outside the target output directory.
[COMMAND_EXECUTION]: The skill relies on the execution of a Python script (scripts/arch_generator.py) to automate the generation of Android project scaffolding and boilerplate code.
[EXTERNAL_DOWNLOADS]: The README.md file provides installation instructions that reference the author's public GitHub repository (github.com/rasy007/android-skills) as the source for the skill's components.

android-arch-generator