brainstorm-with-file

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local shell command to identify the environment context.
    • Evidence: The script runs git rev-parse --show-toplevel to determine the project root directory for saving workflow artifacts.
  • [PROMPT_INJECTION]: User-supplied data is interpolated into instructions for subagents, creating a surface for indirect prompt injection.
    • Ingestion points: The TOPIC argument provided by the user and the codebase context gathered via grep/glob in Step 2.1 are both used to build subagent prompts.
    • Boundary markers: The skill uses Markdown headers (e.g., ## Task, ## Context) to separate instructions from data, but lacks explicit "ignore embedded instructions" guards.
    • Capability inventory: The skill can read local files, write JSON/Markdown artifacts, and spawn additional agents with new instructions.
    • Sanitization: No sanitization or escaping is performed on the ${idea_or_topic} or ${explorationContext} variables before they are inserted into the JavaScript templates for spawn_agent calls.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 08:23 PM