system-architecture

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests untrusted data from files such as spec.md and product-context.md during the orchestration process.
      • Ingestion points: SKILL.md (consumes field) and various agent prompts including agents/api-agent.md and agents/schema-agent.md.
      • Boundary markers: The agents utilize a strict Input Contract and Output Contract defined in agents/_template.md to maintain scope.
      • Capability inventory: The skill has no execution capabilities (no tool usage, shell execution, or network calls); it only produces markdown documentation in .agents/system-architecture.md.
      • Sanitization: A specialized critic-agent.md performs internal consistency checks and quality gate reviews to ensure the generated architecture aligns with specified requirements.
  • [DATA_EXPOSURE]: The reference file references/deployment-patterns.md contains example environment variable templates (e.g., CLERK_SECRET_KEY=sk_..., STRIPE_SECRET_KEY=sk_...). These are identified as illustrative placeholders for developer guidance rather than actual hardcoded credentials.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 04:32 AM