The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local scripts (trace_lint.py and trace_build_rtm.py) situated in the plugins/testany-eng/scripts/ directory to perform validation and traceability checks on the generated design documents. These are recognized as vendor-provided tools for document quality assurance.
[PROMPT_INJECTION]: The skill's workflow involves reading and processing external documentation (PRDs and API Contracts), which constitutes an indirect prompt injection surface. This risk is effectively mitigated by the skill's core principles, which mandate evidence-based design and the use of the AskUserQuestion tool to resolve technical ambiguities rather than following instructions embedded in the data.
[DATA_EXFILTRATION]: The skill performs local file system operations using Glob to discover technical documentation and technical configurations (e.g., package.json). No network operations targeting external or non-whitelisted domains were detected, and the skill does not attempt to access sensitive system files like credentials or SSH keys.

hld-writer