The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructions in 'SKILL.md' and 'references/script-output-management.md' direct the agent to write generated JavaScript code to the local filesystem under the 'generated_scripts/' directory. This capability allows the agent to create and modify files on the host system.
[PROMPT_INJECTION]: The skill processes natural language business requirements from users, which serves as an ingestion point for untrusted data. A malicious user could potentially embed instructions that trigger the skill's 'auto-save' logic, leading the agent to write harmful code to the local disk without an explicit secondary confirmation. * Ingestion points: User-provided business requirements in natural language. * Boundary markers: Absent; the skill does not specify delimiters to isolate user input from its instructions. * Capability inventory: File-write operations to the 'generated_scripts/' directory. * Sanitization: The skill enforces structural naming conventions but lacks explicit content validation or sanitization for the generated scripts.

informat-script