mcaf-feature-spec

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE / PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is designed for documentation management and feature planning. It does not perform network operations, access sensitive credentials, or download remote code. Its behavior is confined to repository-based documentation tasks.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it incorporates instructions and context from repository files such as AGENTS.md and docs/Architecture.md into its planning and execution phases.
    • Ingestion points: AGENTS.md, docs/Architecture.md, and local business rules files.
    • Boundary markers: Absent; the skill's instructions neither delimit content read from these files nor direct the agent to disregard instructions embedded in it.
    • Capability inventory: The skill uses the 'Ralph Loop' to execute steps, which could include running shell commands (e.g., for build or test verification) that might be influenced by content in the ingested documents.
    • Sanitization: Absent; content read from the repository is used directly to inform the agent's actions without filtering or validation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 07:12 PM
Security Audit — agent-trust-hub — mcaf-feature-spec