skills/boshu2/agentops/agent-native/Gen Agent Trust Hub

agent-native

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses and references the ao CLI tool (e.g., ao agent bundle, ao mcp serve) and includes scripts that execute local shell commands. It also references executing commands on a remote host via SSH (ssh bushido). These operations are consistent with the documented purpose of managing agent deployments in a specific technical environment.
  • [DATA_EXPOSURE]: The instructions explicitly warn against bundling sensitive data (PII, holdout sets) into cloud agent definitions, demonstrating an awareness of data privacy constraints in managed environments.
  • [INDIRECT_PROMPT_INJECTION]: The skill facilitates the bundling of external skill files into an agent's system instructions. While this creates a potential surface for indirect injection if a skill file is compromised, the skill itself is a management utility for this architectural pattern.
    • Ingestion points: ao agent bundle stitches skills/<name>/SKILL.md into instructions.
    • Boundary markers: None explicitly mentioned in the bundling logic.
    • Capability inventory: ao CLI tools (bootstrap, inject, validate, etc.) and potential shell tool access.
    • Sanitization: Not explicitly documented in the provided snippets.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 20, 2026, 08:28 AM
Security Audit — agent-trust-hub — agent-native