The Agent Skills Directory

[PROMPT_INJECTION]: The skill uses the $ARGUMENTS variable to pass user input directly into the prompts of multiple specialized subagents (e.g., data-scientist, business-analyst, backend-architect) without using delimiters or boundary markers. This represents a surface for indirect prompt injection where malicious input could attempt to override the subagents' specialized instructions.
Ingestion points: The $ARGUMENTS variable is interpolated into prompts across Phase 1 through Phase 6 in SKILL.md.
Boundary markers: None present; user input is concatenated directly into the instructional string.
Capability inventory: The targeted subagents are designed to perform complex tasks including data analysis, architecture design, and code implementation.
Sanitization: No validation or escaping of the $ARGUMENTS content is performed before interpolation.

data-engineering-data-driven-feature