cy-create-techspec

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from external sources, specifically the PRD file (_prd.md) and the project's codebase. Maliciously crafted content within these files could potentially influence the agent's reasoning or the technical designs it generates.
    • Ingestion points: Business requirements and technical context are gathered by reading the _prd.md file and performing codebase exploration as described in the Workflow section of SKILL.md.
    • Boundary markers: The instructions do not define explicit delimiters or security warnings to isolate ingested data from the agent's core instructions.
    • Capability inventory: The skill involves reading and writing files within the .compozy directory and utilizing agent tools for codebase analysis.
    • Sanitization: The workflow does not include any validation or sanitization steps for the content extracted from the PRD or analyzed source code.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 12:15 AM