bmad-quick-spec

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill uses a disciplined step-file architecture in 'workflow.md' that enforces sequential execution and maintains state via file frontmatter, preventing unauthorized instruction paths.
  • [SAFE]: Multiple interactive menus (e.g., in 'steps/step-01-understand.md' and 'steps/step-04-review.md') ensure that the agent halts and requires user confirmation before proceeding to subsequent tasks or invoking other tools.
  • [PROMPT_INJECTION]: The skill possesses an inherent indirect prompt injection surface due to its primary function of ingesting and analyzing codebase content and user requirements.
    • Ingestion points: User descriptions in 'steps/step-01-understand.md' and codebase context gathered in 'steps/step-02-investigate.md'.
    • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the 'tech-spec-template.md'.
    • Capability inventory: Local file writes to initialize documentation and the ability to trigger implementation skills ('bmad-quick-dev').
    • Sanitization: No specific sanitization or filtering logic is defined; the risk is mitigated by mandatory human review and an adversarial review step.
  • [COMMAND_EXECUTION]: The workflow orchestrates the invocation of other vendor-owned skills such as 'bmad-advanced-elicitation' and 'bmad-quick-dev'. These resources are part of the 'bmad-code-org' author's trusted ecosystem and are documented neutrally.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 17, 2026, 08:52 AM
Security Audit — agent-trust-hub — bmad-quick-spec