The Agent Skills Directory

[COMMAND_EXECUTION]: The skill invokes local binary tools including 'terraform' and 'git' to generate infrastructure plans and code diffs for analysis. While these operations are core to the skill's functionality, they involve shell-level interactions with the host system. Evidence: Workflow Phase 1 and Phase 2 in SKILL.md specify the execution of these commands.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external files that could contain adversarial instructions meant to manipulate the agent's report or behavior. 1. Ingestion points: The skill reads from terraform plan outputs and configuration files including .tf and .tfvars files (Phases 1 and 3). 2. Boundary markers: There are no explicit delimiters or specific 'ignore-embedded-instructions' warnings defined to separate analyzed data from the agent's logic. 3. Capability inventory: The skill has the capability to execute shell commands and read various files within the local workspace. 4. Sanitization: No content-level sanitization or validation is performed on the ingested files prior to processing.

terraform-plan-review