tdd-claude-acpx

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill frequently executes the acpx command-line tool and git commands (git rev-parse, git diff) to manage the TDD workflow, audit tests, and review implementation diffs.
  • [DATA_EXFILTRATION]: The workflow involves reading production files, existing tests, and git diffs, which are then written into prompt files for processing by the external acpx tool. Although the skill explicitly instructs the agent to 'Sanitize secrets before including file contents in any prompt file,' the transmission of project data to an external service is a core part of its functionality.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface. It ingests data from user-provided plan files (Phase 0) and local production/test files (Phase 1). This content is subsequently interpolated into prompt files for the external auditor persona (Phase 3 and Phase 6) without explicit boundary markers or specific instructions to the auditor to ignore potential malicious instructions embedded within those files.
    • Ingestion points: SKILL.md Phase 0 (task description/plan file) and Phase 1 (production files/tests).
    • Boundary markers: None explicitly defined when building the <prompt-file> beyond the persona definition.
    • Capability inventory: Shell execution (acpx, git), file reading, and file writing across SKILL.md.
    • Sanitization: Includes secret sanitization but lacks sanitization or escaping for natural language instructions embedded in data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 09:10 AM