The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill fetches feature specification templates and existing project context from Notion using the notion-fetch and notion-search tools. Notion is a well-known and trusted service for documentation and project management.
[EXTERNAL_DOWNLOADS]: A TODO block in the workflow describes plans to integrate with external AI image generation services (such as Midjourney or ComfyUI) to automatically download brand assets into the local repository's asset directories.
[COMMAND_EXECUTION]: The skill generates complex technical prompts intended for execution by the Claude Code CLI. These prompts include instructions for database migrations, model creation, and layout scaffolding, facilitating indirect command execution through the generated output.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from external Notion pages (templates and existing project documentation) and incorporates it into the agent context without explicit boundary markers or sanitization logic. Specifically:
Ingestion points: Data enters through the notion-fetch tool (SKILL.md).
Boundary markers: No delimiters or 'ignore' instructions are used for the fetched external content.
Capability inventory: The skill can write back to the cloud via notion-create-pages and influence local development via generated CLI prompts.
Sanitization: No validation or filtering of the Notion-sourced content is present.

feature-planner