The Agent Skills Directory

[PROMPT_INJECTION]: The skill uses strong, mandatory language to ensure its instructions take precedence over any subsequent user input or situational factors. It explicitly tells the agent to ignore directives from authority figures (like a CTO) if they conflict with the safety gates. Evidence in SKILL.md: "No urgency, role, authority, or circumstance overrides this mandate." and "No one has authority to skip safety gates".
[COMMAND_EXECUTION]: The skill defines a process requiring the execution of multiple command-line tools to provide evidence for the safety gates. Evidence in references/verification-gates.md: lists commands such as npm test, pytest, npm audit, trufflehog, kubectl diff, and terraform plan.
[EXTERNAL_DOWNLOADS]: The skill uses network-enabled tools to verify environment health and repository status. Evidence in references/verification-gates.md: curl -s https://staging.yourapp.com/health and instructions to use the GitHub and GitLab CLIs (gh, glab).
[DATA_EXFILTRATION]: The verification process involves reading sensitive environment configuration files (.env) for comparison and validation. Evidence in references/verification-gates.md: "diff .env.staging .env.production".
[INDIRECT_PROMPT_INJECTION]: The skill's core functionality relies on ingesting untrusted data from external sources (CI logs, security scan results, PR metadata) and presenting it in the agent context, which presents a surface for potential injection.
Ingestion points: CI run summaries, security scan reports, PR details, and staging logs specified in SKILL.md and references/verification-gates.md.
Boundary markers: None present; the agent is simply directed to paste the artifacts.
Capability inventory: The skill utilizes subprocess execution for various dev tools and network access via curl.
Sanitization: Not specified for external evidence, although secret masking is suggested for config diffs.

verify-before-ship