ln-513-agent-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
  - Ingestion points: The skill ingests untrusted data from local files (story.md, docs/tasks/**/*.md) and Linear issue descriptions.
  - Boundary markers: The skill interpolates this data into prompt templates ({story_ref}, {task_refs}) but does not specify the use of delimiters or 'ignore' instructions to prevent the external agents from obeying instructions embedded in the task data.
  - Capability inventory: The skill utilizes file system access (Glob, Read, Save) and network API calls to task management providers.
  - Sanitization: There is no documented evidence of sanitization or validation of the external content before it is processed by the review agents.