The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external data (documents and rule files) that could contain malicious instructions.
Ingestion points: Target documents, .claude/rules/, CLAUDE.md, and other skill definitions.
Boundary markers: No specific delimiters or safety instructions are used to distinguish between document content and system instructions.
Capability inventory: The skill has the ability to read local files and write modifications back to the filesystem.
Sanitization: No sanitization or validation of the ingested text is performed before processing.
[NO_CODE]: The skill consists entirely of natural language instructions in SKILL.md and does not include any executable scripts or binary files.

lint-doc