The Agent Skills Directory

[COMMAND_EXECUTION]: The skill includes several Node.js scripts in the 'references/scripts/' directory used for managing the worker's runtime state. These scripts perform standard file system operations (read/write/mkdir/rename) and process execution tracking (PID checks) within the project's '.hex-skills' directory. No arbitrary command execution from untrusted inputs was identified.- [INDIRECT_PROMPT_INJECTION]: The skill processes 'storyData' and 'idealPlan' to generate or update task descriptions. This represents an indirect prompt injection surface where malicious instructions in requirements could influence task generation. The risk is mitigated by the design of the workflow, which includes a 'PHASE_4_CONFIRM_OR_AUTOAPPROVE' step and a 'PreToolUse hook' to validate task structure and content before execution.- [DATA_EXFILTRATION]: The skill reads from and writes to the '.hex-skills' directory to maintain runtime state. It also interacts with task providers like Linear or GitHub (via tools). These operations are consistent with the skill's stated purpose of task management and do not exhibit exfiltration patterns.- [SAFE]: The skill includes comprehensive safety documentation for destructive operations ('references/destructive_operation_safety.md') and follows standard patterns for loading and localizing project templates.

ln-302-task-replanner