qt-unittest-make

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Flags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill mandates a loop that compiles and executes generated code (MUST verify build, retry 3 times per error, max 10 loops). This automated 'generate-compile-execute' cycle is highly dangerous as the AI is instructed to force successful execution of code it generates from untrusted source files.
  • [PROMPT_INJECTION] (HIGH): Indirect prompt injection vulnerability. The skill uses LSP to read project source files (lsp_document_symbols, lsp_goto_definition). Malicious code or comments within the scanned C++/Qt project could contain instructions that influence the test generation process or the sub-agent's behavior.
  • [REMOTE_CODE_EXECUTION] (HIGH): While technically local, the skill's architecture involves generating executable binaries (test_{module_name}) and running them. Because the generation is driven by untrusted project data and the agent is instructed to 'fix' errors until it runs, an attacker can provide a source file that 'tricks' the agent into generating a test case that performs unauthorized system actions during the mandatory validation phase.
  • [DATA_EXFILTRATION] (MEDIUM): The use of LSP tools to extract complete class structures and implementations, combined with the ability to call 'general' sub-agents, creates a path where sensitive intellectual property (source code) is processed in external contexts without clear boundaries.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 12:18 AM