doc-spec-autopilot
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE; flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard shell commands like 'ls' to verify the existence of specification folders within the local 'docs/09_SPEC/' directory. It also triggers a local Python script 'ai_dev_ssd_flow/scripts/update_traceability_matrix.py' to synchronize documentation metadata. These operations are confined to the project's local directory structure and are essential for its stated purpose.
- [PROMPT_INJECTION]: The skill is designed to ingest external data from REQ (Requirements) and CTR (Contract) documents to generate specifications. This creates an indirect prompt injection surface (Category 8). Evidence chain analysis:
  - Ingestion points: Reads requirement files and user-provided prompts.
  - Boundary markers: The skill enforces a strict 13-section YAML schema for output, which serves as a structural boundary.
  - Capability inventory: Limited to local script execution and file writing within the project repository.
  - Sanitization: Relies on structured YAML generation and multiple validation phases (Phase 4 and Phase 5) to ensure content compliance. The risk is assessed as safe given the documentation-centric nature of the workflow.