The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by passing unsanitized user input into the context of downstream subagents.
Ingestion points: The $ARGUMENTS variable is used in prompts for subagents throughout all phases in SKILL.md.
Boundary markers: No delimiters or isolation instructions are present to separate user input from agent instructions.
Capability inventory: The skill has the capability to generate and review code by invoking subagents via the Task tool (e.g., backend-architect, test-automator).
Sanitization: No input validation, escaping, or filtering is applied to the input before it is used to drive agent behavior.

tdd-workflows-tdd-cycle