comment-mode
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill writes feedback to a local HTML file and opens it using the open command. This is standard functionality for displaying generated previews to the user.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided drafts, which act as an ingestion point for untrusted data.
  1. Ingestion points: user-provided text drafts described in the feedback workflow.
  2. Boundary markers: absent in the interpolation template.
  3. Capability inventory: file-write to _private/views/ and an open subprocess (SKILL.md).
  4. Sanitization: the template's JavaScript uses textContent for rendering comments, which protects against XSS in the comment text itself, though the primary draft content is interpolated directly into the HTML body.
Audit Metadata