The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill processes external content and user input to generate documentation, creating a vulnerability surface.
Ingestion points: User input via the enquirer library and structured data from assets/requirements.yaml.
Boundary markers: None identified in the skill configuration.
Capability inventory: File system write operations used to export nonfunctional_requirements.md.
Sanitization: Relies on standard ejs rendering; no specific sanitization logic for user-provided strings is documented.
[Data Exposure] (LOW): The skill documentation (Knowledge Protocol) mentions the integration of 'Confidential' and 'Personal' knowledge tiers. There is a risk that sensitive internal data could be inadvertently included in the generated Markdown report if the assessment script does not implement strict data filtering.
[Dynamic Execution] (LOW): Uses the ejs library for document generation. While common, dynamic template rendering can be exploited if the inputs are not strictly controlled, although this is a low risk in a local-only development tool.

nonfunctional-architect