skill-designer

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
• [PROMPT_INJECTION]: The skill implements a prompt-generation pattern that interpolates external data into agent instructions, creating a surface for indirect prompt injection.
  • Ingestion points: The scripts/build_design_prompt.py script reads the title, description, and category fields from a user-provided JSON file via the --idea-json argument.
  • Boundary markers: Input fields are placed directly into a markdown list within the generated prompt without escaping or delimiters to isolate untrusted content.
  • Capability inventory: The workflow suggests piping the generated prompt into the Claude CLI with the Read, Edit, Write, Glob, and Grep tools enabled, allowing for high-impact actions if an injection occurs.
  • Sanitization: The script does not validate or sanitize the contents of the idea JSON file before interpolation.
• [COMMAND_EXECUTION]: The skill's workflow involves executing local Python scripts to build prompts and utilizing the Claude CLI to perform file system operations.
  • Evidence: SKILL.md provides bash commands for running the build_design_prompt.py script and piping its output to claude -p.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 04:17 AM