The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute a local script, scripts/dependency-mapper.sh, which parses source files to map dependencies. While the script performs benign analysis using grep and find, the use of shell execution represents an active capability that could be targeted if inputs are not properly handled.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of analyzing external codebase content. Ingestion points: The skill ingests untrusted data from the local file system through tools like Grep, Glob, and Read. Boundary markers: The prompts defined for the sub-agents (e.g., in rules/exploration-agents.md) do not include explicit separators or 'ignore instructions' directives for the content they analyze. Capability inventory: The agent has access to Bash and TaskCreate tools, which could be exploited if a sub-agent is manipulated by instructions found within a scanned file. Sanitization: No sanitization of the file content is performed prior to processing by the exploration agents.

explore