unit-test-running-coverage-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data, which creates a surface for indirect prompt injection (Category 8).
  - Ingestion points: The skill accepts coverage reports in JSON, XML, and HTML formats, as well as raw source code and test files in Step 1 of SKILL.md.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to isolate potentially malicious instructions embedded within the ingested coverage data or source code comments.
  - Capability inventory: The skill is primarily analytical and descriptive. It identifies uncovered lines and untaken branches to produce markdown reports (coverage_gap_report.md, recommended_tests.md). It does not contain evidence of arbitrary command execution, network exfiltration, or filesystem write operations beyond report generation.
  - Sanitization: There is no evidence of input validation or sanitization to filter out malicious payloads from the external files before they are processed by the agent.
Audit Metadata