ulw-plan

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a bundled Node.js script (scaffold-plan.mjs) to initialize planning artifacts. The script is implemented with security checks, including strict regex validation of user-supplied slugs (/^[a-z0-9][a-z0-9-]{0,79}$/) and path validation to prevent directory traversal. Writes are confined to the .omo/ directory and to files with the .md extension.
  • [SAFE]: The skill implements a security-conscious workflow that treats external data (e.g., from Discord or remote repositories) as untrusted 'claims' that must be verified. It explicitly instructs the agent to watch for and mitigate 'prompt_injection' and 'misleading_success_output' during its research phase.
  • [SAFE]: Instructions enforce a strict 'plan-only' boundary, repeatedly stating that the agent must never edit product code or begin implementation, ensuring the agent operates within a restricted, low-privilege scope.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 23, 2026, 11:37 AM