beads-retrospective
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted data from project management issues and specifications.
  1. Ingestion points: Data enters the agent context through the analysis of Beads issues and OpenSpec changes.
  2. Boundary markers: The SKILL.md does not define explicit delimiters or instructions to ignore embedded commands in the issue data.
  3. Capability inventory: The skill has the capability to generate statistics reports and proactively draft new specification proposals.
  4. Sanitization: There is no evidence of sanitization, escaping, or validation of the external content before it is used to generate insights.
Audit Metadata