api-route-endpoint

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): This skill has a high-privilege capability tier because it modifies application source code and database logic.
    • Ingestion points: The agent accepts feature names and folder paths from user input, which likely influence the logic generated in the routes and handlers.
    • Boundary markers: There are no delimiters or instructions to ignore embedded commands within the user-provided data.
    • Capability inventory: The skill allows the agent to write new .ts files, modify the central route registry, and initialize Prisma database connections using environment variables.
    • Sanitization: No sanitization of the requirements is performed before generating code, creating a risk that malicious instructions could be baked into the application source.
  • Command Execution (MEDIUM): Although the skill does not execute shell commands directly, it performs 'code generation as execution' by creating files that will be automatically compiled and run in a Cloudflare Workers environment. This high-impact capability necessitates strict review of the generated output to prevent the introduction of malicious logic.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:45 PM