The Agent Skills Directory

[COMMAND_EXECUTION]: The skill workflow in SKILL.md directs the agent to execute shell commands, specifically git clone to fetch external codebases and grep or rg (ripgrep) to search for security vulnerability patterns defined in the references checklist.\n- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of remote source code from user-provided URLs using git clone, which connects the agent to external repositories.\n- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection by processing untrusted external data (Solana smart contract source code).\n
Ingestion points: External source code repositories downloaded via git clone as specified in Phase 1 of the workflow.\n
Boundary markers: The instructions do not implement explicit delimiters or safety prompts to ensure the agent ignores instructions embedded within the code it is auditing.\n
Capability inventory: The agent has the ability to execute system commands and access the local filesystem for analysis.\n
Sanitization: No sanitization or validation mechanisms are provided to filter the content of the ingested code before interpretation by the agent.

solana-audit