The Agent Skills Directory

[COMMAND_EXECUTION]: The skill invokes a local CLI tool named <aegis-workspace-helper> to perform operations like new-adr, amend-adr, and supersede-adr. These commands use dynamic parameters such as --root <target-project-root> and --path <slug>, which are derived from the workspace or user input. This pattern presents a risk of command injection or directory traversal if the project paths or filenames are not strictly validated.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes external files to guide its decision-making logic.
Ingestion points: The skill reads configuration and architecture rules from files like docs/adr/ADR-CREATION-GATE.md and docs/current/AEGIS_ADR_AUTO_BACKFILL.md, as well as project-specific documentation.
Boundary markers: No explicit boundary markers or 'ignore embedded instructions' warnings are provided to differentiate documentation content from the agent's core instructions.
Capability inventory: The skill possesses the capability to execute shell commands and modify the file system via the workspace helper utility.
Sanitization: There is no evidence of sanitization or validation of the content read from these external files before it influences the agent's behavior or is passed to command-line arguments.

recording-architecture-decisions