arkts-syntax-assistant

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Flags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill contains 'Mandatory Requirements' that instruct the agent to execute shell scripts (scripts/run.sh, scripts/run.ps1) automatically. This bypasses the standard safety protocol under which the agent should seek user approval before running commands.
  • REMOTE_CODE_EXECUTION (HIGH): The automated build workflow runs ohpm install and hvigorw assembleApp. These commands can execute arbitrary code contained in project dependencies or build plugins, which is a significant risk if the agent is used in a compromised project environment.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill's build scripts download code from an external package registry (https://ohpm.openharmony.cn/ohpm/). Relying on external, unverified sources for automated tasks is a security concern.
  • PROMPT_INJECTION (LOW): The skill uses strong, authoritative directives ('CRITICAL', 'MUST') in its SKILL.md to dictate agent behavior and to prioritize automated script execution over standard safety guidelines.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill creates a surface for indirect prompt injection. 1. Ingestion points: it reads and processes user .ets files and the project structure. 2. Boundary markers: delimiters or 'ignore instructions' warnings are absent. 3. Capability inventory: full shell execution via build scripts and package installation. 4. Sanitization: no validation or escaping of project content is performed before build actions are triggered. A malicious codebase could therefore trigger unauthorized actions through the agent's automated build process.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 05:08 PM