parallel-dev-cycle
Warn
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the `Bash` tool to execute commands that are dynamically discovered or generated during the development cycle. Specifically, the Validation & Archival Specialist (VAS) agent is instructed to run commands stored in a shared `discoveries.ndjson` file, as seen in `roles/validation-archivist.md`. These commands may be influenced by other sub-agents or directly by the contents of the project being analyzed (e.g., via `package.json` scripts).
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of untrusted project data.
  - Ingestion points: Data enters the context via the user-provided task description, project files (source code, configuration, specs), and external URLs fetched during requirements analysis.
  - Boundary markers: The system uses section headers but lacks explicit 'ignore embedded instructions' markers or strict delimiters for content ingested from the project filesystem.
  - Capability inventory: The skill possesses powerful tools including `Bash` (shell execution), `spawn_agent` (agent creation), and `Write`/`Edit` (file system modification).
  - Sanitization: No validation or sanitization is performed on project files or external content before it is interpolated into agent instructions or shell commands.
- [EXTERNAL_DOWNLOADS]: The Requirements Analyst agent is designed to fetch and analyze external URLs if they are specified as source references in a `prep-package.json` file. While this is a functional requirement for analyzing external documentation, it represents a network communication vector that could be utilized to retrieve malicious instructions if a compromised project configuration is processed.