Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE [PROMPT_INJECTION] [COMMAND_EXECUTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill uses aggressive, absolute language to override the agent's decision-making process. Specifically, it uses tags like <EXTREMELY-IMPORTANT> and instructions such as "you MUST invoke it. No exceptions, no rationalizations" and "If you're thinking 'this doesn't need a skill' — it probably does."
  • [COMMAND_EXECUTION]: The skill automatically executes a local shell script ${CLAUDE_PLUGIN_ROOT}/scripts/init-planning-dir.sh if a specific directory structure is not found.
  • [PROMPT_INJECTION]: Indirect injection risk via project files. The skill instructs the agent to read content from .planning/progress.md and .planning/findings.md to recover session context.
      • Ingestion points: SKILL.md (Session Recovery section) reads files from the .planning/ directory.
      • Boundary markers: Absent; the content of these files is incorporated into the session context without specific delimiters.
      • Capability inventory: The skill executes shell scripts and routes tasks to other skills with extensive capabilities including subagent spawning, TDD execution, and Git operations.
      • Sanitization: Absent; the agent is instructed to read and update these files directly without validation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 24, 2026, 10:46 AM