research-driven-planning

Warn

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill frequently executes npx claude-flow@alpha, which downloads and runs remote code from the npm registry. While this tool belongs to the skill's framework ecosystem, it is referenced by the floating alpha dist-tag rather than a pinned version, so the code fetched and executed can change between runs without any change to the skill itself.
  • [COMMAND_EXECUTION]: The skill uses various shell tools including jq, bc, and node to process data. It specifically generates and executes Node.js scripts using heredoc templates to manipulate planning artifacts and generate reports.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8). It ingests untrusted data from web research agents in Phase 2 and processes this data in subsequent phases to enhance implementation plans. Evidence:
    1) Ingestion points: Web research results are saved to .claude/.artifacts/web-research-*.json and synthesized in Phase 2.
    2) Boundary markers: No explicit delimiters or instruction-bypass warnings are present in the scripts that handle this research data, so the model has no cue separating quoted web content from the skill's own instructions.
    3) Capability inventory: The skill can write to the filesystem, execute Node.js code, and run shell commands via npx, so instructions smuggled in through research content would have real effects if followed.
    4) Sanitization: No sanitization or verification of the external research content is performed before it is interpolated into the implementation plan.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 2, 2026, 07:18 AM