The Agent Skills Directory

[COMMAND_EXECUTION]: The skill makes extensive use of local bash and Python scripts to manage developer sessions, including git worktree detection, tmux window renaming, and session state serialization.
[EXTERNAL_DOWNLOADS]: The swain-status.sh script interacts with GitHub's public API using the gh (GitHub CLI) tool to fetch issue data. This interaction targets a well-known service and is consistent with the skill's primary functionality.
[DYNAMIC_EXECUTION]: Several scripts, such as swain-session-state.sh and swain-session-check.sh, execute Python logic via the python3 -c or uv run python3 -c commands. These scripts use embedded code blocks to perform JSON parsing and date calculations, which are standard operations for this skill's use case.
[INDIRECT_PROMPT_INJECTION]: The skill ingests data from attacker-controllable sources such as git commit messages and GitHub issue titles, creating a potential surface for indirect prompt injection. \n
Ingestion points: Git commit logs processed by swain-session-digest.sh and GitHub issue metadata retrieved by swain-status.sh. \n
Boundary markers: None identified; untrusted content is processed without explicit delimiters. \n
Capability inventory: The skill has broad capabilities, including extensive file system access, shell command execution, and GitHub API interactions. \n
Sanitization: Standard data processing utilities like jq, sed, and grep are utilized, but the skill lacks specialized sanitization to prevent adversarial LLM instructions within the processed data.

swain-session