The Agent Skills Directory

[PROMPT_INJECTION]: The skill ingests user input to generate workflow instructions, creating an indirect prompt injection surface.
Ingestion points: User-provided workflow ideas and skill sequences (SKILL.md).
Boundary markers: Absent; user input is directly incorporated into the draft markdown templates.
Capability inventory: Reading files in _workflows/ and writing to _staging/workflows/ (SKILL.md).
Sanitization: Absent; the skill relies on the mandatory human review and promotion step described in the output format instructions.
[SAFE]: File access is restricted to the local project repository for the purpose of checking workflow overlaps and writing drafts to a staging area. No access to sensitive user data or system configuration was detected.
[SAFE]: The skill does not perform any automated command execution. While it references various validation scripts in its checklist, these are explicitly defined as manual tasks for the user.

utility-pm-workflow-builder