brainstormingv2

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute git log --oneline -20 to analyze recent project history and git commit to finalize design documentation. These operations are restricted to the local repository and serve the primary function of context gathering and persistence of work.
  • [PROMPT_INJECTION]: The discovery phase (Phase 1) creates a surface for indirect prompt injection by reading untrusted data from the local project environment into the agent's context.
      1. Ingestion points: Project files, READMEs, documentation in the docs/ folder, and git commit messages are read by the agent.
      2. Boundary markers: The instruction files do not specify the use of delimiters or 'ignore' instructions to isolate the content of analyzed files from the system prompt.
      3. Capability inventory: The agent has the ability to read and write local files, execute git commands, and invoke the writing-plans skill.
      4. Sanitization: No explicit sanitization, validation, or filtering of the content read from the file system or git history is required by the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 07:49 PM