domain-scaffolder-backend
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill reads and processes plan files (shared.md, backend.md, schema.mmd) in Step 1 to derive business logic and code structure, creating an indirect prompt injection surface.
  - Ingestion points: Plan files at {plan_root}/{slice}/ are read in Step 1.
  - Boundary markers: None specified to delimit plan data from instructions.
  - Capability inventory: The skill can write multiple source files (Steps 3-9) and execute shell commands (Steps 10-11).
  - Sanitization: No validation or sanitization of input plan content is performed.
- [COMMAND_EXECUTION]: The skill executes shell commands for migrations and tests in Steps 10 and 11 using tool paths and commands defined in mode configuration files. These commands interpolate the {slice} variable from the plan, which could lead to command injection if the plan name or content is manipulated to include shell metacharacters.