project-roadmap-planning

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user-provided content from specification files, creating a surface for indirect prompt injection.
    • Ingestion points: The skill reads project data from specs/1_产品概述.md and specs/3_项目结构.md.
    • Boundary markers: The skill references an external file (specs/GUARDRAILS.md) for safety rules but does not implement specific data delimiters in its workflow.
    • Capability inventory: The skill can scan directory structures (docs/product_prototypes/, src/modules/) and write to local files (specs/6_开发路线图.md).
    • Sanitization: No explicit sanitization or validation of the input content is performed before it is used to generate the roadmap.
  • [COMMAND_EXECUTION]: The skill describes a progress detection workflow that involves scanning the local file system. This is a standard functional requirement for a project planning agent and does not involve the execution of arbitrary shell commands or privileged operations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 04:57 AM