The Agent Skills Directory

[PROMPT_INJECTION] (LOW): Vulnerable to indirect prompt injection via task descriptions. Ingestion points: CLI arguments for task names in analyze_task.py. Boundary markers: None identified in provided files. Capability inventory: Linear API issue creation/updates and local file exports. Sanitization: None observed for user-supplied task descriptions.\n- [REMOTE_CODE_EXECUTION] (LOW): Performs dynamic path modification in scripts/constants.py using sys.path.insert to load shared utilities from outside the skill's root directory (../../shared). While typical for some development structures, this involves loading code from computed paths.\n- [DATA_EXFILTRATION] (LOW): Communicates with the Linear API at https://api.linear.app/graphql. This is the intended purpose but involves transmitting task metadata to an external endpoint.\n- [EXTERNAL_DOWNLOADS] (LOW): Requires installation of standard third-party packages requests and pyyaml via pip as part of the setup process.\n- [COMMAND_EXECUTION] (LOW): The skill is designed to be executed via Python CLI, taking direct user input (task descriptions) as arguments which are then processed by the internal logic.

task-decomposer