The Agent Skills Directory

[COMMAND_EXECUTION]: The scripts/adr-manager.py utility uses subprocess.run to retrieve the current user's name from Git configuration (git config user.name). This execution is safe as it uses a fixed list of arguments, does not invoke a shell, and is used solely for populating the 'Authors' field in generated documents.
[DYNAMIC_CONTEXT_INJECTION]: The scripts/create-adr.md file utilizes dynamic context injection (! syntax) to auto-populate the date, git author, and calculate the next sequential ADR number. These operations are read-only project metadata lookups and do not incorporate user-supplied input into the shell commands, preventing command injection.
[DATA_EXPOSURE]: The skill reads from the project's documentation directory (docs/adr/) and git configuration to maintain the ADR index. It does not attempt to access sensitive system files, environment variables, or credentials.
[INDIRECT_PROMPT_INJECTION]: As a tool designed to ingest user-provided architectural context and generate files, the skill naturally has a data ingestion surface. However, it implements proper sanitization for file paths (using regex slugs) and is intended for local documentation workflows, posing a negligible risk in its intended context.

architecture-decision-record