test-strategy-plus

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Potential for Indirect Prompt Injection. The skill is designed to process external documents which may contain malicious instructions. Ingestion points: Untrusted data enters the agent context via the --requirement, --analysis, --tech, --plan, and --other file arguments processed in scripts/run_strategy.py. Boundary markers: No specific delimiters or 'ignore embedded instructions' warnings are present in prompts/test-strategy-plus.md to protect the model from instructions within the processed data. Capability inventory: The skill possesses file read and write capabilities across multiple scripts, including scripts/common_parser.py and scripts/common_formatter.py. Sanitization: No sanitization, escaping, or validation of the external content is performed before interpolation into the prompt context.
  • [COMMAND_EXECUTION]: The skill provides and utilizes several Python scripts (e.g., scripts/run_strategy.py, scripts/parse_word.py) to perform document parsing and formatting. This introduces a capability for executing code in the local environment that operates on user-supplied file paths and content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 09:00 AM