The Agent Skills Directory

[PROMPT_INJECTION]: The skill is instructed to 'explore the codebase' to answer questions, which creates an indirect prompt injection surface where untrusted data from project files could influence agent behavior. • Ingestion points: Local codebase files (SKILL.md). • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are provided. • Capability inventory: The skill has file-writing capabilities to save design documents (SKILL.md). • Sanitization: The skill does not mention any sanitization or validation of codebase content before processing.

plan-groom