The Agent Skills Directory

[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by design, as it processes untrusted codebase content to generate documentation. Adversarial content within the scanned project could manipulate the output or behavior of the documentation agents. * Ingestion points: The scanner-agent.md and concept-extractor-agent.md agents are instructed to map the project structure and read various file types (entry points, routes, configs, models) to extract product identity and features. * Boundary markers: The instructions for the agents do not define clear delimiters for the ingested code content nor do they provide explicit 'ignore embedded instructions' warnings for the processing of external data. * Capability inventory: The system has the capability to read all files in the project directory and write files (e.g., README.md, docs/) to the project root or specified locations. * Sanitization: No sanitization, escaping, or validation logic is specified for the data extracted from the codebase before it is passed to the writer-agent or critic-agent for processing.

technical-writer