The Agent Skills Directory

[PROMPT_INJECTION]: The skill identifies a potential attack surface for indirect prompt injection by ingesting data from external sources.
Ingestion points: The skill reads files from the docs/adrs/ directory using commands like fd, awk, and grep to extract metadata.
Boundary markers: There are no explicit boundary markers or instructions to the agent to treat the content of the ADR files as untrusted or to ignore any instructions found within them.
Capability inventory: The skill uses shell tools (Bash) to perform file system searches and text processing.
Sanitization: Content extracted from the ADRs (such as Titles, Status, and Dates) is printed directly into a markdown table without escaping or sanitization, which could allow malicious content inside an ADR file to influence the agent's behavior.

blueprint-adr-list