client-validation-document

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to run a local Python script engagement-state.py found in the plugin's root directory. This script is used for updating the engagement state and the decision matrix based on client responses.
  • [PROMPT_INJECTION]: There is a potential for indirect prompt injection as the skill reads and synthesizes data from various research documents (e.g., business analysis, customer analysis, market analysis). Malicious content within these research files could potentially influence the agent's output or the triggers passed to the state management script.
      • Ingestion points: Research markdown files located in part-03-four-core-documents/v1/ and part-04-competitive-customer-market/v1/.
      • Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when reading these files.
      • Capability inventory: The skill has access to Bash, Write, Edit, Read, Glob, and Grep tools.
      • Sanitization: The instructions do not specify any sanitization or validation of the findings extracted from the source documents.
  • [SAFE]: The skill's file operations (Read, Write, Edit) are scoped to the local engagement directory structure, and the tools requested are appropriate for its documented purpose of generating reports and managing project state.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 12:16 AM