devdocs-system-design

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external data.
      • Ingestion points: The skill reads docs/devdocs/01-requirements.md and project source code via file discovery tools.
      • Boundary markers: There are no explicit instructions or delimiters used to isolate processed requirement content from the agent's core instructions.
      • Capability inventory: The agent possesses Write capabilities, allowing it to modify documentation based on ingested data.
      • Sanitization: No input validation or filtering is specified for the content of requirement files.
      • Mitigation: The risk is addressed by the mandatory 'Plan Mode' requiring human approval before the agent executes design changes.
  • [NO_CODE]: The skill package does not contain any executable scripts or binaries. It is composed entirely of Markdown instructions and templates.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 18, 2026, 06:58 AM