The Agent Skills Directory

[SAFE]: The skill implements a legitimate documentation and state preservation workflow. It processes session data through structured subagents and writes results to JSON artifacts and Markdown files as intended.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests conversation history and external tracking files. While it lacks explicit boundary markers to separate data from instructions, the risk is minimal due to the use of rigid output schemas and the absence of high-risk capabilities like network exfiltration or shell execution. * Ingestion points: Conversation history via CONTEXT_SOURCE and external notes via TRACKING_FILES. * Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the subagent instructions. * Capability inventory: The skill is limited to reading project files and writing documentation artifacts. * Sanitization: No input sanitization or validation of the processed text content is defined.

generate-handoff-document