The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill instructs the agent to ingest data from untrusted external sources (project dependency files).
Ingestion points: The instructions require reading package.json, composer.json, go.mod, requirements.txt, and pyproject.toml (found in SKILL.md).
Boundary markers: No delimiters or instructions to ignore embedded commands within those files are provided.
Capability inventory: The skill's capabilities are limited to influencing the agent's reasoning and code generation patterns (internal influence).
Sanitization: No sanitization or validation of the content within these dependency files is suggested.

project-standards