specs-review

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill contains instructions for the user to install additional related skills from the author's repository (b12consulting/skills) using the npx skills add command. This is used to ensure the full set of documentation tools is available.
  • [COMMAND_EXECUTION]: The skill performs extensive file system operations, including reading project documentation and proposing updates to files like Changelog.md or the project README.md. These actions are directly related to its core purpose of maintaining documentation health.
  • [DATA_EXFILTRATION]: The skill scans local configuration files such as package.json, pyproject.toml, and Cargo.toml to identify discrepancies between the actual tech stack and the project's architecture documentation. There is no evidence of this data being transmitted to external servers.
  • [PROMPT_INJECTION]: The skill processes content from various local Markdown files (PRD, tickets, Vision). While these files are technically untrusted data sources that could contain instructions, the skill's lack of network-facing capabilities mitigates the risk of indirect prompt injection attacks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 6, 2026, 07:56 AM