The Agent Skills Directory

Indirect Prompt Injection Surface: The skill is designed to process external inputs such as assessment reports and user prompts to generate a migration plan. While this is the intended functionality, it creates a surface where instructions embedded within those documents could theoretically influence the agent's output.
Ingestion points: Processes the assessment-report and modernization-prompt provided by the user.
Boundary markers: The skill does not explicitly use delimiters or boundary instructions to isolate these external inputs from its own operational logic.
Capability inventory: The skill has the capability to write files (plan.md, tasks.json) and invoke secondary skills (like validate-rulebook-compliance).
Sanitization: No explicit sanitization or validation of the input data is defined in the instructions.
File System Operations: The skill writes generated modernization plans and metadata to a folder specified by the user (modernization-work-folder). This behavior is restricted to the specific task of plan generation and follows the standard pattern for developer tools.
Orchestration of Built-in Tools: The workflow includes calls to internal tools such as ask_user for clarification and validate-rulebook-compliance for policy checking. These interactions are focused on improving the quality and compliance of the generated migration plan.

create-modernization-plan