The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes various shell commands to manage files and sequence numbers.
Evidence: ls -la docs/brainstorms/*.md, mkdir -p docs/plans/, and next_seq=$(printf "%03d" $(( ${last_seq:-0} + 1 ))).
[COMMAND_EXECUTION]: The skill interacts with external project management tools using installed CLI utilities.
Evidence: Uses gh issue create for GitHub and linear issue create for Linear integrations.
[DATA_EXFILTRATION]: The skill contains a feature to share the generated markdown plan with an external web service.
Evidence: Executes a curl POST request to https://www.proofeditor.ai/share/markdown containing the full content of the generated plan file. While this is a documented feature, it involves sending potentially sensitive project details to a third-party domain.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted input and local files.
Ingestion points: Accepts user-provided feature descriptions via #$ARGUMENTS and reads existing brainstorm documents from docs/brainstorms/.
Boundary markers: Uses <feature_description> tags for user input, which provides basic delimitation but may be bypassed by sophisticated instructions.
Capability inventory: The skill has significant capabilities, including file system access (read/write), network access (via curl), and the ability to trigger other agent tasks.
Sanitization: There is no explicit evidence of sanitization or filtering of the input before it is used to inform the planning process or passed to other agents.

ce-plan