The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it is designed to ingest and process untrusted external data, such as design specifications and user stories, during the planning and implementation phases defined in SKILL.md.
[PROMPT_INJECTION]: Ingestion points: Design specs and user stories are identified as primary inputs in SKILL.md (Phase 1 and 2).
[PROMPT_INJECTION]: Boundary markers: No specific delimiters or instructions to ignore embedded commands within the input data are provided.
[PROMPT_INJECTION]: Capability inventory: The agent is granted access to powerful tools including Bash, Read, Grep, and Glob.
[PROMPT_INJECTION]: Sanitization: The instructions do not explicitly require the validation or escaping of external content before it is processed. This surface is inherent to the developer use case and is mitigated by the structured workflow and manual review steps.
[DATA_EXPOSURE]: The skill proactively addresses data security by including a 'Handoff Checklist' in SKILL.md that mandates a verification step to ensure no hardcoded secrets, tokens, or environment-specific values are present in the client code.
[EXTERNAL_DOWNLOADS]: Reference files (accessibility-checklist.md and performance-checklist.md) recommend well-known and trusted industry tools for auditing, such as Lighthouse, axe-core, pa11y, and WebAIM contrast checkers.

frontend-dev