The Agent Skills Directory

[COMMAND_EXECUTION]: The skill initiates a local subprocess call to .specify/scripts/bash/check-prerequisites.sh to extract project-specific metadata. While the script path is static, the skill processes user-provided arguments which could lead to command injection if not handled properly.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading content from spec.md, plan.md, and tasks.md to inform checklist generation. 1. Ingestion points: Markdown files located in the FEATURE_DIR (Step 4). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the retrieval step. 3. Capability inventory: The skill has the ability to execute shell scripts (Step 1) and write files to the local filesystem (Step 5). 4. Sanitization: The prompt includes explicit instructions for the agent to escape single and double quotes when handling shell arguments, providing a baseline level of protection against basic injection attempts.

speckit-checklist