grill-me
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface where malicious instructions in processed files could influence agent behavior.
  * Ingestion points: Phase 1 and Phase 5 of SKILL.md direct the agent to read user-provided documentation and codebase content.
  * Boundary markers: The skill lacks instructions to wrap external content in delimiters or use 'ignore' warnings for embedded text.
  * Capability inventory: The skill is permitted to use Bash, Read, Write, Edit, Grep, and Glob tools in SKILL.md, providing significant environment control.
  * Sanitization: No validation or filtering is specified for the data ingested from the filesystem.
Audit Metadata