042-planning-openspec

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted implementation plans (*.plan.md) which can serve as a vector for indirect prompt injection.
      1. Ingestion points: Implementation plan files parsed in Step 1.
      2. Boundary markers: No delimiters are specified to isolate untrusted content.
      3. Capability inventory: Execution of openspec CLI commands via the shell.
      4. Sanitization: The instructions advise normalizing inputs to kebab-case, which provides limited protection against injection.
  • [COMMAND_EXECUTION]: Shell commands are constructed using identifiers extracted from implementation plans, such as change-id.
  • [EXTERNAL_DOWNLOADS]: The skill recommends that users install the @fission-ai/openspec package globally using npm to enable core functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 27, 2026, 06:03 AM