dual-pane-atm
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a suite of automation tools including `atm`, `am`, and `br` to manage agent lifecycles. It executes commands to spawn model-specific sessions (`atm spawn`), verify pane mappings, and dispatch task packets to remote worker panes using the `--force-non-interactive` flag. These operations are consistent with the skill's documented purpose as an orchestration layer for multi-agent workflows.
- [PROMPT_INJECTION]: As an orchestration skill, it acts as a relay for instructions sent to sub-agents. It constructs packets for Opus and Codex that include task definitions (e.g., `/implement`). While this creates a surface for indirect prompt injection, the skill defines clear roles and disjoint work surfaces (reserves) to mitigate cross-contamination between lanes.
  - Ingestion points: Task labels, bead identifiers, and packet content definitions are used to parameterize sub-agent commands.
  - Boundary markers: The skill relies on file-based packets (`packet-opus.md`) but does not explicitly implement mandatory XML or unique delimiters for untrusted user content within those packets.
  - Capability inventory: The orchestrator maintains control over the sub-agents' environment through session management tools (`atm kill`, `atm save`) and file system locking (`am reserve`).
  - Sanitization: No explicit sanitization or validation of the task descriptions is performed before they are forwarded to the worker panes.
Audit Metadata