plankton-code-quality
Fail
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires cloning an external repository from a community source (https://github.com/alexfazio/plankton.git) which is not among the officially trusted organizations.
- [REMOTE_CODE_EXECUTION]: Scripts downloaded from the external repository, including 'multi_linter.sh', 'protect_linter_configs.sh', and 'stop_config_guardian.sh', are intended to be executed automatically as ToolUse hooks during the agent session.
- [COMMAND_EXECUTION]: The skill performs extensive system operations such as installing software via 'brew', synchronizing Python environments with 'uv sync', and running various language-specific linter binaries.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface within its 'Phase 3: Delegation + Verification' workflow.
  • Ingestion points: File content edited by the agent in the workspace as described in SKILL.md.
  • Boundary markers: Absent; there are no delimiters or instructions mentioned to prevent the subprocess from obeying instructions embedded in the code or linter messages.
  • Capability inventory: Spawning sub-agents via 'claude -p' and executing shell scripts as defined in SKILL.md.
  • Sanitization: Absent; the linter output is collected and passed to a sub-agent for automated fixing without filtering or validation of the content.
Recommendations
- AI detected serious security threats