The Agent Skills Directory

[SAFE]: The skill implements a robust, state-managed workflow for product coaching. It uses local files (under .beagle/concepts/) to maintain state between sessions and coordinate with other tools in the Beagle ecosystem.
[DATA_EXPOSURE]: The skill delegates data ingestion to the artifact-analysis companion skill. While it accesses local project folders (docs, planning), this access is restricted to the intended purpose of grounding product concepts in existing project context.
[INDIRECT_PROMPT_INJECTION]: The skill processes data from external sources (web research) and local files (artifact analysis). It provides clear instructions to use this data for pressure-testing and sharpening questions rather than executing it as commands, which significantly mitigates the risk of indirect injection.
[REMOTE_CODE_EXECUTION]: No remote code execution patterns were detected. Mentions of shell commands like pip install or git clone are found within the reference files as examples for documentation sections, not as commands to be executed by the agent itself.

prfaq-beagle