The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute the sha256sum utility in a bash environment to perform integrity checks and detect content drift in project documents. This is a standard utility for the skill's documented workflow.
[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes untrusted data from external documentation files and uses that data in shell commands.
Ingestion points: The skill extracts information from @ref: and @ears: tags within BDD feature files and Markdown documents located in the docs/ directory.
Boundary markers: Absent; there are no specified delimiters or instructions for the agent to ignore embedded instructions within the ingested document content.
Capability inventory: The skill utilizes shell command execution (bash / sha256sum) and performs local file system write operations (creating reports and updating .drift_cache.json).
Sanitization: Absent; the skill does not define validation, escaping, or filtering procedures for the file paths extracted from untrusted document content before they are used as command arguments.

doc-bdd-reviewer