skills/xfstudio/skills/writing-skills/Gen Agent Trust Hub

writing-skills

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The utility script render-graphs.js uses child_process.execSync to invoke the system's Graphviz (dot) binary.
      • Evidence: Line 116 in render-graphs.js executes dot -Tsvg with input derived from dot blocks in SKILL.md. Line 91 also uses execSync to run which dot.
      • Risk: Directly calling system binaries via execSync is a high-privilege operation. Although the input is provided via STDIN, the call still relies on the safety of the host's dot installation and environment.
  • PROMPT_INJECTION (LOW): The skill provides instructions on how to effectively 'override' agent behavior and bypass typical AI refusals or 'rationalizations'.
      • Evidence: The persuasion-principles.md and anti-rationalization/README.md files explicitly teach techniques like 'Authority' and 'Commitment' (e.g., using 'MANDATORY', 'ALWAYS', 'NEVER', and 'Delete means delete') to force compliance.
      • Risk: These are documented behavioral override patterns designed to ensure agents strictly follow specific workflows (like TDD), but they conceptually align with prompt injection techniques for bypassing standard agent reasoning.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:29 PM