Command Development

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The documentation describes how to build commands that use positional arguments ($1, $2, $ARGUMENTS) and file references (@path), which are common surfaces for indirect prompt injection. It includes mitigation patterns such as conditional logic for argument validation.
  • [COMMAND_EXECUTION]: The skill explains how to use bash execution within commands. It emphasizes security by documenting the allowed-tools field and recommending restrictive filters (e.g., Bash(git:*)) over broad permissions.
  • [REMOTE_CODE_EXECUTION]: The content shows how to execute local scripts and tools within a plugin environment using the ${CLAUDE_PLUGIN_ROOT} variable. It does not facilitate the execution of untrusted remote code or unverifiable dependencies.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 01:49 AM