epic-analyze
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates project organization through systematic analysis and documentation. It follows a specific workflow to output analysis files to the local file system.
- [INDIRECT_PROMPT_INJECTION]: The skill utilizes the $ARGUMENTS variable to ingest user project descriptions, which represents an attack surface for indirect prompt injection. However, given the skill's primary function of text analysis and its lack of network or shell execution capabilities, the risk is categorized as safe.
  - Ingestion points: User input enters via the $ARGUMENTS field in SKILL.md.
  - Boundary markers: The input is wrapped in markdown code blocks.
  - Capability inventory: The skill writes analysis documents to the 'docs/epic/' directory.
  - Sanitization: There is no explicit sanitization of the input content.
Audit Metadata