recipe-design
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by interpolating untrusted data through the $ARGUMENTS variable. Malicious instructions embedded in the input could potentially influence the behavior of the orchestrated sub-agents.
  - Ingestion points: $ARGUMENTS variable in SKILL.md.
  - Boundary markers: None (the input is interpolated without delimiters).
  - Capability inventory: Orchestrates calls to sub-agents (requirement-analyzer, technical-designer, document-reviewer, design-sync).
  - Sanitization: None (no validation or escaping of the input is performed before interpolation).
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns, script downloads, or dynamic code execution functions were detected.
- [DATA_EXFILTRATION]: The skill does not perform network operations or access sensitive local file paths like credentials or configuration files.
Audit Metadata