The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (MEDIUM): The validation step uses npx markdownlint and npx markdown-link-check. These commands download and execute packages from the public npm registry at runtime. Without specific version pinning or integrity hashes, this represents an unverifiable dependency risk where the external package could be compromised or changed.
[COMMAND_EXECUTION] (LOW): The skill utilizes several Bash scripts to automate documentation checks. While the logic is functional, it involves executing shell commands like grep, sed, and echo on strings extracted directly from source code files (.ts, .tsx). This creates a potential command injection surface if the source code contains maliciously crafted feature strings.
[PROMPT_INJECTION] (LOW): Indirect prompt injection surface exists (Category 8).
Ingestion points: The skill reads feature strings from project source files (*.ts, *.tsx) and documentation files (docs/features.md, etc.).
Boundary markers: No boundary markers or 'ignore' instructions are used when interpolating extracted content into the verification logic.
Capability inventory: The skill has access to Bash, Edit, and Write tools, as well as GitHub MCP tools.
Sanitization: There is no sanitization or validation of the strings extracted from the code before they are processed by the shell script or presented to the model.

features-documentation