The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill requires the gsd-pi Node.js package, which is the core component for the GSD CLI. This package is provided by the skill's author and is installed via standard package management tools.
[COMMAND_EXECUTION]: Extensive use of shell commands is employed to interact with the gsd CLI, manage project directories, and parse output using jq and bc. These operations are well-documented and necessary for the skill's autonomous functionality.
[CREDENTIALS_UNSAFE]: The skill documentation describes a mechanism for pre-supplying secrets to the headless CLI via a JSON file. This is a documented feature for automation and does not involve hardcoded credentials within the skill itself.
[PROMPT_INJECTION]: The skill ingests user-defined specifications from a spec.md file. While this represents an indirect prompt injection surface, it is the primary input for the autonomous build process and follows the tool's intended design.

gsd-orchestrator