to-features
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the "bd" CLI tool to fetch and create project issues (e.g., "bd show", "bd create"). This is a core part of the skill's functionality and is considered safe within the context of managing project tasks.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it ingests untrusted content from external specifications and issue descriptions.
  1. Ingestion points: "bd show " and user-supplied plans/PRDs.
  2. Boundary markers: Absent in the provided prompt templates.
  3. Capability inventory: "bd create" to publish new issues and local codebase exploration.
  4. Sanitization: No explicit sanitization of input data is defined.

  This risk is inherent to tools that process documents from potentially untrusted sources and is mitigated by the requirement for user review prior to the final publishing step.