The Agent Skills Directory

[SAFE]: The skill utilizes file system tools such as Read, Grep, Glob, and Bash to scan project directories (.agents/, brand/, architecture/, research/) and extract YAML frontmatter from markdown files. These actions are consistent with its primary purpose of artifact status awareness and workflow orchestration.\n- [DATA_EXPOSURE]: The skill includes a --cross-project flag that allows it to scan sibling directories for .agents/ folders. This facilitates cross-project coordination within a developer's workspace and is a legitimate feature for meta-orchestration.\n- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from local markdown files (specifically frontmatter fields like skill, date, and status) to generate reports and plans. This presents an indirect prompt injection surface (Category 8) where malicious content in an artifact's metadata could influence the agent's orchestration recommendations. However, the impact is limited to local project navigation logic. Ingestion points are identified in SKILL.md; boundary markers and explicit sanitization logic for this data are absent.

navigate