multi-platform-apps-multi-platform

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because user-provided feature descriptions ($ARGUMENTS) are interpolated into the architect subagent's prompt without boundary markers.
  • Ingestion points: File SKILL.md uses the $ARGUMENTS variable in the Phase 1.1 task prompt.
  • Boundary markers: Absent; the user input is directly embedded in the instruction string without delimiters like quotes or XML tags.
  • Capability inventory: The workflow uses the 'Task' tool to execute various subagents for architecture, code generation, and documentation.
  • Sanitization: No validation or escaping of the user input is implemented before it is processed by the subagent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 02:56 AM