pre-planning-discussion
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's primary function is local repository analysis and documentation generation. It follows a structured process to clarify user requirements and does not attempt to access network resources or sensitive system files.
- [SAFE]: The skill uses file-system tools and the Bash tool for codebase surveying. This activity is confined to the local environment and aligns with the tool's intended use case of understanding existing project structure to resolve implementation ambiguities.
- [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it ingests untrusted data from the local repository, which could contain malicious instructions.
  - Ingestion points: The skill reads project-level configuration files (e.g., CLAUDE.md), architecture decision records (ADRs), and up to 15 source code files during the 'Codebase Survey' step.
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore instructions' warnings when reading these external files.
  - Capability inventory: The skill has access to tools including Bash, Write, and Edit, which could be exploited if a processed file successfully injects instructions.
  - Sanitization: There is no explicit sanitization or validation of the content read from files before the agent processes it to form assumptions or identify gray areas.
Audit Metadata