before-backend-dev

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: LOW
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill directs the agent to read and incorporate guidelines from local files into its development workflow.
    1. Ingestion points: Documentation files located in .trellis/spec/backend/ are read into the agent context.
    2. Boundary markers: Absent. The skill does not provide delimiters to distinguish the guidelines from system instructions.
    3. Capability inventory: The agent is expected to perform backend development based on these guidelines, which likely involves high-privilege operations like writing code or executing tests.
    4. Sanitization: Absent. The skill does not verify or sanitize the content of the guideline files, allowing for potential instruction override if the repository is compromised.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 17, 2026, 12:00 AM