The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill processes data from external 'slice plan' files (Markdown and Mermaid diagrams) to drive its code generation logic. This represents a documented attack surface common to code scaffolding tools.
Ingestion points: Reads shared.md, backend.md, frontend.md, schema.mmd, and flows.md from the local plan directory to determine the implementation scope.
Boundary markers: The skill does not currently implement explicit delimiters or system-level instructions to ignore natural language commands that might be embedded within these plan artifacts.
Capability inventory: The skill possesses the ability to write arbitrary source code to the local filesystem and execute shell commands (e.g., validation, linting, and testing) defined in the overlay.yaml configuration.
Sanitization: No explicit sanitization or pre-processing of plan content is described before its use in generating parameters for code templates or driving agent logic.
[DYNAMIC_EXECUTION]: The skill is designed to run shell commands defined in a project's skillbox-config/clients/{client}/overlay.yaml. These commands are used for standard developer workflows such as building, linting, and running unit/integration tests on generated artifacts.

domain-scaffolder