kata-inserting-phases

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The generate_slug step uses the Bash command echo "$description". Because the $description variable contains raw user input from the command arguments, a user could provide a description containing shell command substitutions or backticks (e.g., $(whoami)) to execute arbitrary code within the agent's terminal environment before the sanitization logic is applied.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection by processing external data.
      • Ingestion points: Reads project roadmap data from .planning/ROADMAP.md in the load_roadmap step.
      • Boundary markers: None. The skill reads the entire file content into context without using delimiters or instructions to ignore embedded commands.
      • Capability inventory: Uses Bash (mkdir, echo, sed, tr, printf), Write (updating ROADMAP.md and STATE.md), and Read (file inspection).
      • Sanitization: The skill applies a kebab-case slugging process using sed to sanitize directory names, but it does not sanitize or escape the description variable before writing it into the ROADMAP.md or STATE.md files.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:35 PM