task-prd-creator

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: unvalidated user input is written into documentation files that the agent later reads to guide implementation.
      • Ingestion points: User-provided feature requests, user stories, and bug descriptions are ingested through activation patterns in SKILL.md.
      • Boundary markers: The Task and PRD templates in references/full-guide.md lack explicit delimiters or instructions to treat user-provided content as untrusted.
      • Capability inventory: The agent can read project files using cat and grep, and write new Markdown files to the local project structure.
      • Sanitization: No sanitization or filtering is applied to user input before it is written to the Task and PRD files.
  • [COMMAND_EXECUTION]: The workflow involves executing local shell commands such as cat and grep to inspect project architecture documents and search for existing code patterns. These operations are intended for context gathering within the local environment.
  • [EXTERNAL_DOWNLOADS]: The skill fetches framework-specific documentation using the Context7 MCP tool from well-known repositories, such as those belonging to Vercel and NestJS, to inform the planning process.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 09:46 AM