doc-prd-autopilot
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates workflow steps by executing local shell commands (ls) to verify document structures and Python scripts (ai_dev_ssd_flow/scripts/validate_prd_ready.py, ai_dev_ssd_flow/scripts/update_traceability_matrix.py) for scoring and matrix updates. These actions are limited to the local file system and project-internal paths.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it ingests content from external BRD files (docs/01_BRD/) to generate PRDs. Evidence Chain:
  1. Ingestion: Reads BRD documents from docs/01_BRD/.
  2. Boundary markers: No explicit delimiters or ignore-instructions specified.
  3. Capability inventory: Writes to docs/02_PRD/ and executes local scripts.
  4. Sanitization: Implemented via multi-stage validation and audit reviews (Phases 4 and 5) to ensure integrity.
- [SAFE]: The skill contains no remote code execution patterns, obfuscation, or network requests. It operates within a defined workspace and delegates complex tasks to specialized local sub-skills, maintaining a clear chain of custody for document artifacts.