The Agent Skills Directory

[PROMPT_INJECTION]: Indirect prompt injection surface detected where untrusted specification file content is processed by the agent.
Ingestion points: Content is read from the file path provided via the $ARGUMENTS variable in the workflow.
Boundary markers: No explicit delimiters or instructions are used to separate user-provided specification content from the agent's logic.
Capability inventory: Access to tools like Read, Glob, Skill, and Task allows for file system interaction and spawning of other agents.
Sanitization: No validation or sanitization of the input file content is performed prior to the quality and compliance assessment phase.

validate