The Agent Skills Directory

[COMMAND_EXECUTION]: The skill defines a workflow where the agent executes shell commands (e.g., npm test, pytest, make build) defined as 'verification commands' or 'merge gates' within task registries.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes and acts upon instructions stored in external project files. * Ingestion points: The skill reads .planning/execution/tasks.json, project README.md, and task-specific handoff files. * Boundary markers: While it uses structured templates, it lacks specific instructions to disregard malicious or overriding commands embedded within the ingested data. * Capability inventory: The skill possesses the ability to execute shell commands and spawn subagents with defined prompts. * Sanitization: There is no evidence of sanitization or validation of the content read from task registries or handoff files before it is used to influence agent behavior.

wave-execution