design-council-orchestration

Warn

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to add a custom marketplace and install plugins from GitHub repositories ('sjsyrek/claude-plugins' and 'sjsyrek/design-council') that do not belong to the primary author's verified organization ('Aradotso') and are not on the platform's trusted vendor list.
  • [COMMAND_EXECUTION]: The skill automatically executes shell commands (e.g., 'bd memories', 'bd create', and 'grep') to integrate with the 'beads' tracking system and scan local environment memory during the brief assembly phase.
  • [REMOTE_CODE_EXECUTION]: The orchestration logic involves dynamically spawning multiple independent agents using the 'Agent' tool with prompts constructed at runtime. This dynamic execution of background processes based on local project state could be exploited if configuration files are compromised.
  • [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection.
    1. Ingestion points: 'CLAUDE.md', project memory, and referenced specifications/ADRs (SKILL.md).
    2. Boundary markers: Absent in the 'Phase 1: Brief Assembly' logic.
    3. Capability inventory: 'Agent', 'SendMessage', 'Execute', and 'TeamCreate' (SKILL.md).
    4. Sanitization: No sanitization or validation of the external project content is mentioned before interpolation into agent prompts.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 17, 2026, 07:29 PM