The Agent Skills Directory

[COMMAND_EXECUTION]: The skill frequently invokes a Python script (resolve_customization.py) located within the project's _bmad/scripts/ directory to resolve workflow configurations and step logic.
[COMMAND_EXECUTION]: The completion steps in steps-v/step-01-validate.md and steps-c/step-05-validate-and-complete.md contain an on_complete hook that executes the return value of a customization script as a terminal command. This pattern allows for arbitrary command execution guided by the local configuration files.
[PROMPT_INJECTION]: In steps-c/step-01-preflight-and-context.md, the workflow ingests untrusted data from user-provided story files ({story_file}) to drive the generation of API and E2E test scaffolds. The skill lacks explicit boundary markers or sanitization logic for this ingested content, creating an indirect prompt injection surface where adversarial story text could influence the generated test code or agent behavior.

bmad-testarch-atdd