The Agent Skills Directory

[PROMPT_INJECTION] (LOW): The skill provides a surface for Indirect Prompt Injection (Category 8) by using external state data to influence the generation of executable plans.\n * Ingestion points: The 'Current State' and 'Goal State' definitions are untrusted data points that enter the agent context through the SKILL.md configuration or runtime input.\n * Boundary markers: Absent; there are no clear delimiters or safety instructions provided to the agent to ignore instructions embedded within these state descriptions.\n * Capability inventory: The skill utilizes 'Bash', 'Write', and 'Task' tools, allowing it to execute file operations and shell commands based on generated plans.\n * Sanitization: There is no evidence of input validation, sanitization, or escaping of state-based variables before they are interpolated into the plan generation logic.

planning-goal