The Agent Skills Directory

Overall Security (SAFE): The skill describes a legitimate design workflow. It does not contain hardcoded credentials, malicious network operations, or unauthorized command execution. File system interaction is restricted to saving output to a specific 'plans/' directory as part of its intended functionality.
Indirect Prompt Injection (SAFE): The skill processes untrusted user input and external web research, which constitutes a potential ingestion surface, but it lacks exploitable capabilities. 1. Ingestion points: User requirement strings and optional web research results. 2. Boundary markers: Logical phase separation (Clarification vs. Design). 3. Capability inventory: Local file writing to the 'plans/' directory. 4. Sanitization: Multi-step review process with a minimum quality score (Rubric A >= 7.0) and manual 'Adopt/Adapt/Discard' user filters for external inspiration.

all-plan