The Agent Skills Directory

[PROMPT_INJECTION] (LOW): The skill contains directives to devalue documentation relative to code behavior. In SKILL.md, the 'Trust Hierarchy' ranks 'External documentation (README, wiki, API docs)' as 'Least trusted' and states 'Documentation is a REFERENCE, not an OBLIGATION.' This directive could cause the agent to ignore safety warnings, organizational policies, or operational constraints documented in a project's README or SECURITY.md files if the agent perceives the code's 'reality' to be different.
[INDIRECT_PROMPT_INJECTION] (LOW): The skill creates a surface for indirect prompt injection by prioritizing codebase analysis over documented instructions. 1. Ingestion points: Local codebase files are accessed and analyzed using grep and find commands (references/impact-analysis.md). 2. Boundary markers: Absent; there are no instructions for the agent to distinguish between the code being analyzed and potentially malicious instructions embedded within that code. 3. Capability inventory: The skill utilizes system commands (grep, find, git) and implies file modification capabilities. 4. Sanitization: No sanitization or validation of the ingested code content is performed before the agent's Respond phase.
[COMMAND_EXECUTION] (SAFE): The skill recommends the use of standard local utilities such as grep, find, and git for impact analysis. These tools are used for internal codebase navigation and dependency mapping, which is consistent with the primary purpose of the skill and does not involve remote execution or elevated privileges.

framework-initiative