bmad-agent-analyst

Warn

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a Python interpreter to run {project-root}/_bmad/scripts/resolve_customization.py during initialization. This execution of a script from the project root is a security risk if the repository contains malicious code.
  • [COMMAND_EXECUTION]: The skill is configured to execute arbitrary activation steps (activation_steps_prepend and activation_steps_append) loaded from project-specific TOML files. This enables the execution of non-static commands determined at runtime by the project environment.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. Ingestion points: It reads project-wide metadata from {project-root}/**/project-context.md, {project-root}/_bmad/bmm/config.yaml, and custom configuration TOMLs. Boundary markers: None are present to isolate these external inputs from the agent's core instructions. Capability inventory: The skill can execute Python scripts and trigger subsequent agent actions/skills. Sanitization: No filtering or validation is performed on the data retrieved from the project directory.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 10, 2026, 05:26 PM