The Agent Skills Directory

Indirect Prompt Injection (SAFE): The skill processes external implementation plans, creating a potential ingestion surface for untrusted data. However, the architecture includes strong mitigations such as mandatory two-stage reviews and explicit instructions for reviewers to verify code independently rather than trusting implementer reports. * Ingestion points: implementer-prompt.md and spec-reviewer-prompt.md. * Boundary markers: Employs Markdown headers as structural delimiters. * Capability inventory: Subagents are granted code-writing and testing capabilities. * Sanitization: Risks are mitigated through cross-verification by independent reviewer agents.

subagent-driven-development