The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the Bash tool to execute directory creation (mkdir), file copying (cp), and directory removal (rm -rf). These operations are performed on paths derived from the {milestone} argument and phase identifiers found in project metadata. This is standard behavior for a workflow management tool but involves destructive operations on project files.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading content from reflection-log.md and appending it to learnings.md. * Ingestion points: Contents of reflection-log.md are read during Step 4. * Boundary markers: No delimiters or ignore-instructions are used when processing the log content. * Capability inventory: The skill has file write and shell execution capabilities via the Write and Bash tools in the SKILL.md. * Sanitization: Content is extracted from the log and appended to the learning spec without sanitization or validation.

maestro-milestone-complete