subagent-orchestration

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a process-oriented tool that manages development workflows through role separation and automated retry loops. No vulnerabilities such as hardcoded credentials, malicious remote downloads, or privilege escalation were detected.
  • [COMMAND_EXECUTION]: The orchestrator dispatches subagents to perform standard development operations, including code compilation, type-checking, and running test suites (e.g., using pnpm, npm, or tsc). These commands are transparently defined in the subagent templates and are executed locally as part of the intended development workflow.
  • [PROMPT_INJECTION]: The skill ingests user-provided development plans which are then interpolated into subagent instructions. This creates a surface for indirect prompt injection where a plan could contain instructions to deviate from the orchestrator's constraints. However, the risk is effectively mitigated by a mandatory 'User Approval' step, where the human operator must review and confirm the entire plan before the orchestrator initiates any autonomous subagent tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 02:57 PM