spec-kitty-specify

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user input from the $ARGUMENTS variable to generate specification files (spec.md) and metadata. This creates an indirect prompt injection surface where instructions embedded in a feature description could be persisted and later influence agents performing implementation or testing tasks.
      • Ingestion points: User input captured in $ARGUMENTS and processed during the 'Discovery Gate' in SKILL.md.
      • Boundary markers: Absent; there are no specific delimiters or instructions to treat the interpolated user input as non-executable data.
      • Capability inventory: The skill writes to the local file system (spec.md, meta.json, checklists/requirements.md) and executes local CLI commands.
      • Sanitization: No sanitization or filtering logic is present to identify or neutralize prompt injection attempts within the user's description.
  • [COMMAND_EXECUTION]: The skill executes local system commands and a vendor-specific CLI tool to manage project state.
      • Evidence: SKILL.md invokes git branch --show-current and spec-kitty agent feature create-feature "<slug>" --json.
      • Context: These operations are consistent with the skill's purpose of automating repository-based planning workflows.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 12, 2026, 07:44 AM