subagent-driven-development

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill contains no executable code or scripts, focusing instead on documentation and prompt templates. No network operations, sensitive file access, or persistence mechanisms were detected.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process implementation plans.
      • Ingestion points: External plan files (referenced in SKILL.md and implementer-prompt.md) are read to extract task text.
      • Boundary markers: Templates use Markdown headers (e.g., '## Task Description') to separate system instructions from task data.
      • Capability inventory: Subagents have the capability to write files, commit code, and run tests (implementer-prompt.md).
      • Sanitization: No sanitization of the input plan content is performed.
    This surface is considered a low risk and is consistent with the skill's primary purpose; it is further mitigated by the 'spec-reviewer-prompt.md' which explicitly instructs agents not to trust implementation reports and to verify code independently.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 04:13 PM