feature-revision

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill follows a legitimate software development lifecycle (SDLC) process. It utilizes local project files for templates and documentation, specifically targeting the project root and a 'develop/' directory for design specifications. No network operations, credential exposures, or external downloads were identified.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface: it ingests and processes untrusted user input describing feature requirements, and that input is then used to generate code and documentation.
      • Ingestion points: Phase 0 (prompts/01-hearing.md) uses the AskUserQuestion tool to collect feature descriptions, objectives, and modification details directly from the user.
      • Boundary markers: Absent. The prompts do not utilize specific delimiters (like XML tags or unique markers) to isolate user-provided data from the agent's instructions, nor do they include explicit 'ignore instructions within input' warnings.
      • Capability inventory: The skill is granted Write and Edit tools, which are used in prompts/02-proposal.md, prompts/03-design.md, and prompts/04-tdd.md to create new proposal documents and modify existing project files including code, configuration files (spec.yaml), and design documents.
      • Sanitization: Absent. User input is analyzed via Chain-of-Thought and reflected into technical artifacts without specific filtering for embedded instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 2, 2026, 04:32 AM