The Agent Skills Directory

[PROMPT_INJECTION]: The skill ingests data from external project documents to drive code generation and execution, which constitutes an indirect prompt injection surface. \n- Ingestion points: Documents located in the contract/ directory, technical proposals (<proposal>), and product specifications. \n- Boundary markers: No specific markers or instructions are provided to the agent to treat documentation content as untrusted data distinct from operational instructions. \n- Capability inventory: The skill can write files to the test directories, manage git branches/worktrees, and execute system orchestration commands via the aspire tool. \n- Sanitization: The workflow relies on a mandatory human review of generated pull requests to detect and prevent the execution of malicious or unintended code generated from documentation inputs.

z-test