The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses local Python scripts (resolve_customization.py) and various shell scripts (scripts/publish-pact.sh, scripts/check-pact-determinism.sh) to manage its workflow and integrate with testing tools.
[DYNAMIC_EXECUTION]: The workflow steps in steps-v/step-01-validate.md and steps-e/step-02-apply-edit.md instruct the agent to execute arbitrary terminal commands resolved from the workflow.on_complete key in configuration files. While intended for post-completion hooks, this provides a mechanism for arbitrary command execution if local configuration overrides are modified.
[INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from the project root, such as Product Requirement Documents (PRDs), Tech Specs, and Acceptance Criteria (step-01-load-context.md), to build its coverage oracle. These documents could contain instructions that attempt to influence the agent's gap analysis or gate decisions.

bmad-testarch-trace