The Agent Skills Directory

[Unverifiable Dependencies & Remote Code Execution] (LOW): The skill documentation references a local script scripts/user_story_generator.py. While the script's source code is not provided in the input, the documented usage for generating INVEST-compliant user stories and planning sprints is standard and consistent with the skill's stated purpose.\n- [Indirect Prompt Injection] (LOW): The skill processes untrusted user-provided data (epics) to generate structured output. Mandatory Evidence Chain: 1. Ingestion points: User-provided epics processed by the generator script. 2. Boundary markers: Absent from the documentation. 3. Capability inventory: Execution of local Python scripts and LLM reasoning/generation. 4. Sanitization: Not documented. The risk is considered low because the untrusted input primarily influences text generation rather than enabling file system modifications or network access.

agile-product-owner