kata-verify-work

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs extensive shell command execution using git, gh (GitHub CLI), and node to manage repository state, push branches, and handle pull requests.
  • [COMMAND_EXECUTION]: A specific feature in verify-work.md (Step 7.1) reads 'extra_verification_commands' from a local JSON configuration file and executes them using eval. This allows for arbitrary command execution based on project-specific settings.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. User feedback provided during interactive testing is stored in {phase}-UAT.md and subsequently used to build prompts for the kata-planner sub-agent. Malicious instructions embedded in test responses or codebase summaries could potentially hijack the sub-agent's planning logic.
  • [DATA_EXFILTRATION]: The skill uses git push and gh pr ready to interact with remote GitHub repositories. While consistent with its purpose as a development tool, these operations involve transmitting local data and metadata to external servers.
  • [COMMAND_EXECUTION]: The instructions for sub-agents (planner-instructions.md, verifier-instructions.md) include embedded shell script logic for artifact validation and codebase analysis, which are executed by the agent environment.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 10, 2026, 11:59 AM