skills/boshu2/agentops/agy-native/Gen Agent Trust Hub

agy-native

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill extensively documents the use of the agy CLI tool for managing agent workflows, including running headless tasks with agy --print and managing plugins with agy plugin. It mentions the --dangerously-skip-permissions flag, which bypasses the CLI's interactive permission checks; the skill pairs this with a mandatory safety rule (Rule 5) that the dcg (destructive-command guard) must remain active, so the guard is the remaining control against unauthorized or harmful system changes when that flag is used.
  • [EXTERNAL_DOWNLOADS]: The skill references installing plugins from a remote marketplace (agy plugin install <name@marketplace>), which pulls third-party code into the agent's environment. The audit treats this as a standard, documented administrative function of the AGY tool for extending its features rather than an undisclosed download.
  • [INDIRECT_PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it processes "beads" and "evidence" drawn from external repositories. It mitigates this with 'author != judge' context separation (Rule 2) and mandatory evidence-gated closing of tasks (Rule 3), so that no single compromised context can both propose a change and authorize it.
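One way to make Rule 2 and Rule 3 machine-checked rather than purely advisory, shown here as an added example that is not code from the agy skill or from this audit; the Bead and Evidence structures, their field names, the function names and the sample data are all assumptions:

```python
"""Added example (not from the agy skill or the Gen Agent Trust Hub report):
a minimal enforcement of Rule 2 (author != judge) and Rule 3 (evidence-gated
close). All type names, field names and function names are assumed."""
from dataclasses import dataclass, field
from typing import List, Sequence


@dataclass
class Evidence:
    """One piece of evidence attached to a bead (field names assumed)."""
    kind: str         # e.g. "test_run", "diff", "review"
    produced_by: str  # identity of the context that produced it
    ref: str          # pointer to the artifact: path, hash or URL


@dataclass
class Bead:
    """A unit of work, the skill's 'bead' (field names assumed)."""
    bead_id: str
    author: str                                   # context that proposed the work
    evidence: List[Evidence] = field(default_factory=list)
    status: str = "open"


def check_close(bead: Bead, judge: str,
                required_kinds: Sequence[str] = ("test_run",)) -> List[str]:
    """Return the rule violations that block closing `bead` (empty = allowed).

    Rule 2: the judge must be a different context than the author, so text
    injected into the author's context cannot also approve the result.
    Rule 3: each required evidence kind must be present and must come from a
    context other than the author; otherwise a single compromised context
    could fabricate both the change and its proof.
    """
    violations: List[str] = []
    if judge == bead.author:
        violations.append(f"rule 2: judge {judge!r} is also the author")
    # Only evidence produced outside the author's context counts.
    independent = [e for e in bead.evidence if e.produced_by != bead.author]
    for kind in required_kinds:
        if not any(e.kind == kind for e in independent):
            violations.append(
                f"rule 3: no {kind!r} evidence from a context other than the author")
    return violations


def close_bead(bead: Bead, judge: str) -> Bead:
    """Close the bead only if check_close reports nothing; otherwise raise."""
    violations = check_close(bead, judge)
    if violations:
        raise PermissionError("; ".join(violations))
    bead.status = "closed"
    return bead


def demo() -> dict:
    """Constructed sample beads covering the allowed case and both failure modes."""
    ok = Bead("bead-1", author="worker-A",
              evidence=[Evidence("test_run", "ci-runner", "runs/42")])
    self_judged = Bead("bead-2", author="worker-A",
                       evidence=[Evidence("test_run", "ci-runner", "runs/43")])
    self_evidenced = Bead("bead-3", author="worker-A",
                          evidence=[Evidence("test_run", "worker-A", "runs/44")])
    return {
        "ok": check_close(ok, judge="reviewer-B"),
        "self_judged": check_close(self_judged, judge="worker-A"),
        "self_evidenced": check_close(self_evidenced, judge="reviewer-B"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "allowed" if not result else result)
```

The check is structural only: it guarantees that the closing decision and the evidence behind it come from contexts other than the one that authored the bead, which is what stops a single injected context from approving itself. It does not validate the evidence artifacts themselves; a real deployment would also verify that each `ref` points at a genuine, unmodified run.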
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 17, 2026, 07:34 PM
Security Audit — agent-trust-hub — agy-native