skills/howells/arc/ideate/Gen Agent Trust Hub

ideate

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill reads local project files such as docs/vision.md and docs/arc/progress.md to gain context for its design recommendations. This behavior is documented and necessary for its primary function as a codebase-aware thinking partner.
  • [COMMAND_EXECUTION]: The skill utilizes Git commands (git add, git commit) to version-control the design documents it generates in the docs/arc/specs/ directory.
  • [DYNAMIC_EXECUTION]: The workflow involves dispatching several specialized sub-agents (such as security-engineer and spec-flow-analyzer) by loading definition files from the ${ARC_ROOT} environment. This is a standard orchestration pattern within the author's specified framework.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes project-local files and documentation as input context. While this creates a surface for indirect prompt injection if those files contain untrusted instructions, the skill's restricted Act 1 formatting and focused documentation output mitigate the risk of accidental instruction override.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 04:39 PM