board-of-directors

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill accepts a 'proposal' input that is interpolated directly into the system prompts of multiple AI personas. There is no evidence of input sanitization or the use of strong delimiters (such as XML tags or random delimiters) to isolate the untrusted content from the core instructions, creating a surface for indirect prompt injection where a malicious proposal could override the directors' deliberation logic.
  • [COMMAND_EXECUTION]: The persistence phase utilizes the run_shell_command tool to execute directory creation via 'mkdir'. If the variables used in the path construction, such as track identifiers, are derived from untrusted user input without rigorous validation or sanitization, it could potentially lead to command injection or unauthorized directory traversal/creation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 6, 2026, 05:54 PM
Security Audit — agent-trust-hub — board-of-directors