skills/boshu2/agentops/discovery/Gen Agent Trust Hub

discovery

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill's logic or scripts.
  • [COMMAND_EXECUTION]: The skill executes local CLI tools such as ao and bd, along with project-specific scripts like scripts/checkpoint-commit.sh and scripts/log-telemetry.sh. These operations are used for telemetry, state persistence, and history searching within the local repository environment.
  • [PROMPT_INJECTION]: The skill processes untrusted input through the task goal and external project files like PRODUCT.md. This constitutes an indirect prompt injection surface as these inputs influence the behavior of delegated sub-skills and the content of the generated execution packet.
      • Ingestion points: Goal argument, PRODUCT.md at repo root, and artifacts in .agents/research/ and .agents/plans/.
      • Boundary markers: Uses structured YAML and JSON for inter-phase data handoffs.
      • Capability inventory: Execution of local CLI tools and internal scripts, filesystem writes for phase artifacts and execution packets.
      • Sanitization: The skill does not perform explicit sanitization of external inputs before processing them.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 18, 2026, 01:22 AM
Security Audit — agent-trust-hub — discovery