The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill retrieves technical guidance and best practices from various external documentation sites. The strategist subagent is instructed to fetch content from well-known and reputable sources such as docs.python.org, go.dev, typescriptlang.org, zod.dev, and pydantic.dev. These interactions are restricted to documentation retrieval and are directed at trusted technology vendors and established open-source projects.
[COMMAND_EXECUTION]: The strict-rewrite-implementer subagent executes shell commands defined as VALIDATION_COMMAND to verify the refactored code. While the skill primarily targets standard project checkers like mypy, staticcheck, or npm test, it possesses the capability to run arbitrary shell commands provided by the user or inferred from the project structure. This is an expected functionality for a code refactoring agent to ensure behavioral preservation.
[PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it ingests untrusted source code as its primary input (TARGET_CODE). Ingestion points are located in the main SKILL.md and the strict-baseline-mapper.md subagent. The skill lacks explicit boundary markers or sanitization logic to strip instructions from code comments. However, the risk is mitigated by a multi-agent validation loop where the strict-rewrite-reviewer inspects the final diff for behavior drift and scope creep. The skill has capabilities to modify the local filesystem and execute commands through the implementer subagent.

rewriting-code-strictly