The Agent Skills Directory

[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to the direct interpolation of user-controlled feature descriptions ($ARGUMENTS) into instructions for sub-agents. This allows a malicious user to potentially embed instructions that could be executed by sub-agents during critical phases like backend implementation or deployment pipeline configuration.
Ingestion points: The $ARGUMENTS variable is used throughout SKILL.md to provide context to various sub-agents.
Boundary markers: No delimiters or explicit warnings are used to isolate user input from the agents' core instructions.
Capability inventory: Sub-agents requested by this skill possess capabilities to write application code, create CI/CD pipelines, and configure security scanners.
Sanitization: No input validation or instruction filtering is performed before processing the feature description.
[NO_CODE]: The skill consists solely of a markdown configuration file (SKILL.md) for workflow orchestration and does not include any local scripts, libraries, or executable binaries.

backend-development-feature-development