The Agent Skills Directory

[PROMPT_INJECTION]: The skill ingests potentially untrusted data from git logs and project plans, creating an attack surface for indirect prompt injection. Evidence Chain: 1. Ingestion points: Git logs, daily reports, and active plans (SKILL.md); 2. Boundary markers: The prompt does not specify delimiters or instructions to ignore embedded commands in the source data; 3. Capability inventory: The skill has the ability to read from the local file system, run git commands, and write reports back to the workspace; 4. Sanitization: No evidence of escaping or validating the content of ingested files before they are processed by the agent.
[COMMAND_EXECUTION]: The skill interacts with the local system to execute git log commands for progress evidence and performs file system operations to save generated reports in the planning directory.

agile-status-report