go

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes unvalidated user input from $ARGUMENTS to generate the system's execution context.
      • Ingestion points: The user's goal provided via $ARGUMENTS is the primary entry point for untrusted data into the skill's logic.
      • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the user's goal before it is used to generate documentation.
      • Capability inventory: The skill possesses the capability to create directories and write multiple files (spec.md, plan.md, metadata.json) which define the behavior of downstream agents. It also has the capability to orchestrate other agents (conductor-orchestrator).
      • Sanitization: The skill lacks evidence of sanitization or validation for the content of the user's goal, allowing it to flow directly into instruction-heavy files like spec.md and plan.md.
  • [COMMAND_EXECUTION]: The skill performs automated file system management and agent orchestration.
      • The skill automatically creates project directories and writes metadata and planning files based on interpreted goals.
      • The skill programmatically invokes the conductor-orchestrator agent, which in turn dispatches specialized tools and agents based on the generated plan.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 29, 2026, 03:30 AM