The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes a local Python script (_bmad/scripts/resolve_customization.py) located in the project root. This script is used for merging configuration blocks and handling post-workflow completion tasks. These operations are part of the vendor's intended framework functionality for managing project-specific overrides.
[PROMPT_INJECTION]: Indirect Prompt Injection surface. The skill ingests untrusted project documentation such as PRDs, UX designs, and research documents during the initialization phase (step-01-init.md). These documents could theoretically contain instructions to subvert the agent's behavior.
Ingestion points: Discovers and loads files matching *brief*.md, *prd*.md, *ux-design*.md, and *research*.md from various project directories.
Boundary markers: The instructions do not specify strict XML or character-based boundary markers for the loaded content, although it uses a confirmation step with the user before loading.
Capability inventory: The skill can perform web searches (step-03, step-04) and write to local files (creating the architecture.md document).
Sanitization: No explicit sanitization or filtering of the ingested document content is performed prior to analysis.

bmad-create-architecture