The Agent Skills Directory

[PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface through its processing of untrusted user-supplied designs. (1) Ingestion points: The target plan or design provided to the /grill-me-quick command in SKILL.md. (2) Boundary markers: The skill employs a structured input pack in references/verification.md to isolate subagents, though malicious instructions embedded in claims or quirks could still influence behavior. (3) Capability inventory: Verification subagents are granted access to WebSearch, Grep, Read, and Bash tools in references/verification.md. (4) Sanitization: The documentation does not mention explicit sanitization or safety-filtering for content derived from user inputs before it is passed to subagents.
[COMMAND_EXECUTION]: Verification subagents utilize the Bash tool to gather evidence and validate technical claims within the user's target. This access is intended for legitimate plan auditing but represents a high-capability environment that could be targeted by indirect injection.
[EXTERNAL_DOWNLOADS]: The README.md provides instructions to install the skill from the author's own GitHub repository (shihyuho/skills) via the platform's package manager.

grill-me-quick