The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes multiple local Go scripts located at ../../scripts/cmd/ to assess project state, retrieve context, emit events, and manage feature tracking. It also performs Git operations such as git add and git commit to save generated plans.
[PROMPT_INJECTION]: Indirect prompt injection vulnerability exists because the skill ingests and processes content from external files like PRDs and project guidelines without sanitization or protective delimiters. * Ingestion points: PRD files (.agents/products/prds/.md), ARCHITECTURE.md, CLAUDE.md, and learning documents. * Boundary markers: None present. * Capability inventory: Shell script execution (go run), Git operations, and MCP tool interactions. * Sanitization: No sanitization or validation of the ingested document content is performed.

product-plan