The Agent Skills Directory

[COMMAND_EXECUTION]: The skill invokes local shell commands to manage the development lifecycle, including Git for branch management, GitHub CLI (gh) for issue viewing, and package managers (pnpm, npm, pip) for dependency installation. These are necessary and expected for implementation tasks.- [EXTERNAL_DOWNLOADS]: The workflow involves downloading dependencies via standard package managers from official registries. While this involves fetching external code, it is restricted to standard project lifecycle operations.- [DATA_EXFILTRATION]: The skill accesses local environment configuration files such as .env.local to facilitate environment replication in worktrees. This is an internal file system operation for configuration management and does not involve exfiltrating data to external network destinations.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading content from GitHub issues and research artifacts. This is a primary ingestion point for task data (SKILL.md). While there are no explicit boundary instructions to ignore embedded commands in the issue bodies, the agent's use of these sources is limited to structural parsing and technical context extraction. Capability inventory includes file system writes and shell command execution, but these are gated by user checkpoints in HITL mode.

execute