skill-spec-ddd
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes a role-activation instruction ('ROLE ACTIVATION') to set a professional persona ('Senior Stack Engineer'). This is intended to frame the agent's technical perspective and does not attempt to override safety protocols or ethical constraints.
- [COMMAND_EXECUTION]: A local bash script ('validate-skill.sh') is included to verify the repository's file structure and documentation integrity. The script performs benign local operations such as checking for file existence and parsing text patterns without engaging in network activity or accessing sensitive system areas.
- [EXTERNAL_DOWNLOADS]: The documentation references various well-known services and platforms (e.g., Miro, Datadog, AWS, GitHub) and links to the author's own repositories. These are standard architectural references and do not involve automated execution of untrusted remote content.
- [PROMPT_INJECTION]: The skill defines a surface for potential indirect prompt injection through its discovery phase questions.
  - Ingestion points: User-provided inputs for system goals, technical scope, and pain points in 'SKILL.md' Phase 1.1.
  - Boundary markers: None identified in the prompt interpolation templates.
  - Capability inventory: The skill provides instructions for Git operations ('git commit', 'git push') and local file generation ('spec-ddd/'), intended for a human-in-the-loop development process.
  - Sanitization: No automated input validation or sanitization is specified for the requirements elicitation process.
  - This vulnerability surface is typical for architecture-oriented skills and does not represent a malicious finding.
Audit Metadata