The Agent Skills Directory

[SAFE]: The skill documents a legitimate software engineering methodology. It does not contain any instructions that attempt to bypass security filters, exfiltrate data, or obfuscate intent.
[COMMAND_EXECUTION]: The skill utilizes the Bash tool to run standard development commands such as npx tsc --noEmit, pnpm test, and git operations. These are appropriate for the skill's stated purpose of verifying code changes during a refactor.
[DATA_EXPOSURE]: Operation is restricted to reading and editing local project files. No access to sensitive system paths (e.g., SSH keys, environment secrets) or hardcoded credentials was detected.
[INDIRECT_PROMPT_INJECTION]: The skill involves reading project files which could technically contain malicious instructions (Category 8 surface). However, the skill does not introduce unsafe interpolation or bypass existing agent guardrails, and this capability is essential for its primary function of assisting with code refactors.

verify-between-waves