SPACE-roadmap-planner
Warn
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: MEDIUM
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted user data, including '季度目标' (quarterly goals) and '依赖方信息' (dependency info), into the agent context for processing as defined in SKILL.md.
- [INDIRECT_PROMPT_INJECTION]: Mandatory Evidence Chain:
  - (1) Ingestion points: User-provided project parameters enter the context through the core workflow inputs.
  - (2) Boundary markers: Absent. There are no instructions for the agent to use delimiters or ignore embedded instructions within the user data.
  - (3) Capability inventory: The skill reads a local file ('assets/roadmap-template.html') and has the capability to write/generate new HTML files.
  - (4) Sanitization: Absent. The skill does not instruct the agent to escape or validate user-controlled strings before interpolation.
- [DYNAMIC_EXECUTION]: The skill generates a standalone HTML document that includes embedded JavaScript in the 'assets/roadmap-template.html' template.
- [DYNAMIC_EXECUTION]: User-controlled project data is interpolated directly into the generated script blocks and HTML structure without escaping, creating a surface for stored Cross-Site Scripting (XSS) that triggers when the resulting roadmap file is opened in a web browser.
Audit Metadata