create-pipeline-v1

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it transforms untrusted user requirements into executable CI/CD configurations and can write those configurations to a remote platform.
  • Ingestion points: User-provided requirements for pipeline logic, build steps, and environment configurations enter the agent's context via the chat interface.
  • Boundary markers: Absent. The skill's instructions define no delimiters around user input and include no explicit 'ignore embedded instructions' warning, so nothing prevents the agent from obeying instructions hidden within user input when it generates the YAML output.
  • Capability inventory: The skill utilizes the harness_create tool (facilitated by the harness-mcp-v2 server) to push generated configurations to the Harness platform, as described in the 'Creating via MCP' section of SKILL.md.
  • Sanitization: Absent. There are no defined procedures for validating, escaping, or sanitizing the content of user-provided requirements before they are interpolated into the run or action steps of the generated pipeline.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 15, 2026, 10:16 AM