skills/thoreinstein/agents/bugfix/Gen Agent Trust Hub

bugfix

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute development commands such as npm test, npm run build, and npm run type-check as described in references/bugfix-phases.md. These are standard operations for a debugging tool and are used to verify code changes.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted user-provided data from bug reports.
      • Ingestion points: User-provided bug descriptions and reproduction steps are gathered and stored in SKILL.md and references/templates/context.md.
      • Boundary markers: The instructions do not define explicit delimiters to separate user input from system instructions.
      • Capability inventory: The skill uses Bash, Write, and Edit tools across multiple files to modify the codebase and execute commands.
      • Sanitization: No sanitization of user-provided instructions is implemented, although sanitizing internal logging data is recommended.
      • Mitigation: The 'Phase 5: User Confirmation' requirement acts as a critical human-in-the-loop checkpoint, preventing autonomous execution of potentially malicious fixes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 04:28 PM