trellis-update-spec

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill uses instructional language to guide the agent's behavior for documentation tasks. There are no attempts to bypass safety filters, extract system prompts, or override agent constraints.
  • [DATA_EXFILTRATION]: No network operations, hardcoded credentials, or access to sensitive system files (e.g., SSH keys, AWS config) were detected. Interactions are limited to reading project-specific documentation using the 'cat' command.
  • [COMMAND_EXECUTION]: The skill instructs the agent to use 'cat' to read local documentation files. This is a legitimate and scoped operation for the purpose of updating project specifications.
  • [REMOTE_CODE_EXECUTION]: There are no remote script downloads, external package installations, or execution of untrusted code. The skill focuses entirely on markdown-based documentation management.
  • [INDIRECT_PROMPT_INJECTION]: While the skill involves reading and writing documentation based on task results, it does not ingest data from untrusted external sources like public web pages or third-party APIs that could lead to indirect injection. Access is restricted to internal project files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 08:18 AM