testing-strategy

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill contains explicit behavioral override instructions designed to bypass the agent's natural reasoning regarding implementation order.
  • Evidence: The file references/anti-rationalization.md implements an 'Iron Law' and 'Red Flags' system that commands the agent to 'STOP IMMEDIATELY' if it detects certain rationalizations in its own reasoning process.
  • The module explicitly mentions using 'Authority + commitment language' to 'double LLM compliance', a meta-instruction technique intended to skew the model's prioritization so that it disregards default safety or procedural guidelines in favor of the skill's specific TDD requirements.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface identified in the testing workflow.
  • Ingestion points: The agent is instructed to read and process user-provided production code, API specifications, and database schemas to generate test suites (SKILL.md, references/api-contract-openapi.md).
  • Boundary markers: There are no instructions provided to wrap external code in delimiters or to ignore potential instructions embedded in comments within the user's source files.
  • Capability inventory: The agent is granted capabilities to write test files, modify project structures, and integrate with CI pipelines, which could be exploited if malicious instructions are present in the ingested code (references/api-test-ci-pipelines.md).
  • Sanitization: The skill lacks any requirement for the agent to sanitize or validate the content of the source code before using it to generate executable test logic.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 27, 2026, 05:49 AM