requirement-detector

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill automatically ingests data from external markdown files located in a hidden directory (.claude/knowledge-base/requirements/) based on keyword detection. This creates a surface where instructions embedded in these documentation files could influence the agent's behavior.
    Evidence:
    1. Ingestion points: File reads from '.claude/knowledge-base/requirements/{requirement-name}.md'.
    2. Boundary markers: None specified in the instructions for isolating document content.
    3. Capability inventory: Uses 'Read' and 'Edit' tools to modify 'specification.md'.
    4. Sanitization: The skill relies on predefined requirement names but lacks explicit validation of the document content before context integration.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:29 PM