graphicode-junior-engineer-ts-state-umi

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs cat and echo shell commands to read documentation and write TypeScript files. While the instructions define a project-specific directory structure, the absence of strict path validation allows for potential path traversal if the agent is directed to access or overwrite sensitive files outside the intended scope.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is explicitly instructed to follow the implementation details found in external README.md files. Malicious content in these files could influence the agent to generate harmful code or perform unintended actions.
      • Ingestion points: Documentation files are ingested using the cat command in SKILL.md based on user-provided IDs.
      • Boundary markers: No delimiters or instructions are provided to the agent to distinguish between data and potentially malicious instructions within the documentation files.
      • Capability inventory: The agent has the capability to modify the project workspace using the echo command as described in SKILL.md.
      • Sanitization: There is no evidence of sanitization or validation of the content read from external documentation files before it is used to guide code generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 11:20 AM