The Agent Skills Directory

[COMMAND_EXECUTION]: The skill incorporates a diagnostic workflow (Step 4) that executes local grep commands to perform static analysis on the codebase. These commands are designed to audit for unsafe patterns such as any usage, suppressed errors via @ts-ignore, and unchecked type assertions, which is consistent with its primary purpose of improving code quality.
[EXTERNAL_DOWNLOADS]: Reference guides within the skill (such as tooling.md and migration.md) provide instructions for installing well-known developer utilities from official registries. These include typescript, tsup, tsx, eslint, and vitest. These references target established technology services and do not involve untrusted remote execution.
[INDIRECT_PROMPT_INJECTION]: The skill possesses an ingestion surface for indirect instructions when reading project-specific files during its audit phase.
Ingestion points: The agent is instructed to read local files including tsconfig.json, source code, and ESLint configurations into its working context (Step 2).
Boundary markers: The skill lacks explicit boundary markers or delimiters for the ingested data, relying instead on high-level instructions to load the files for reference.
Capability inventory: The skill has capabilities to perform shell execution (grep) and generate source code, which could potentially be influenced by malicious content within analyzed files.
Sanitization: No explicit sanitization or instruction-filtering mechanism is described for the content read from the user's project files.

develop-typescript