The Agent Skills Directory

[SAFE]: The skill provides legitimate architectural and design guidance. Its instructions focus on improving software correctness and reliability through formal reasoning patterns.- [COMMAND_EXECUTION]: The skill includes documentation for a 'seq' command-line utility used to track usage metrics and compliance. These commands access data within the '~/.codex/sessions' directory, which appears to be a standard instrumentation practice for the specific development environment.- [PROMPT_INJECTION]: The skill is designed to process user-provided code and architectural prompts to identify invariants. This creates an indirect prompt injection surface as the agent ingests untrusted data and possesses code-modification capabilities. However, this is consistent with the primary purpose of a coding assistant skill. Findings: 1. Ingestion points: User prompts and source code referencing logic/state (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Instructions for code design and modification. 4. Sanitization: Absent.

invariant-ace