bmad-brainstorming

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE

Flags: COMMAND_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands such as mkdir and cp to initialize and manage brainstorming session files within the user's workspace. These operations are localized to the configured output directory.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface through the ingestion of external data.
    1. Ingestion points: The skill reads a user-provided context_file (in steps/step-01-session-setup.md) and analyzes previously created session files (in steps/step-01b-continue.md).
    2. Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within the ingested files.
    3. Capability inventory: The skill possesses file system access (read/write) and command execution capabilities (mkdir, cp) across the workspace, which could be targeted if malicious content is processed.
    4. Sanitization: No sanitization or validation of the content within the context_file or session files is performed before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 05:26 PM