orchestrating-workflow

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses several utility subagents that execute shell commands to inspect the local environment. For example, codebase-inspector.md uses git commands to summarize repository state, and code-reference-finder.md uses rg (ripgrep) to search for code symbols. These tools are used as intended for repository analysis.
  • [EXTERNAL_DOWNLOADS]: The skill references a large number of external URLs for documentation and conceptual guidance. These sources include official documentation from GitHub, Atlassian, and Anthropic, as well as developer resources from well-known entities like NN Group and the Agent Skills project. These are used exclusively for informational purposes during the workflow.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from external sources like Jira tickets and GitHub issues. Malicious instructions could be embedded in ticket descriptions or comments to attempt to subvert the agent's planning or execution phases. While the skill uses markdown headers as boundary markers to delimit external content, it does not specify any sanitization procedures. This vulnerability is mitigated by structural design and mandatory human approval gates before the orchestrator permits any downstream skills to perform platform writes or code modifications.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 15, 2026, 06:40 AM