skills/minhtri2710/skills/beo-route/Gen Agent Trust Hub

beo-route

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines a strict logic-based system for state transitions and ownership resolution, which serves as a protective boundary against unintended agent behavior. It includes a 'Hard stops' section and a 'Route Suppression Checklist' that explicitly constrain the agent's capabilities to routing only, preventing it from executing the work of the owners it selects.
  • [COMMAND_EXECUTION]: The skill performs local command execution for operational purposes, such as running a local Node.js onboarding script ('skills/beo/onboard/scripts/onboard_beo.mjs') and utilizing local tools like 'beads-cli' and 'beads-viewer'. These operations are restricted to the local workspace and are consistent with the skill's stated purpose.
  • [DATA_EXPOSURE]: The skill accesses local project metadata, specifically reading from and writing to files within the '.beads/' directory (e.g., STATE.json, HANDOFF.json). This data access is necessary for tracking workflow progress and does not involve the extraction of sensitive credentials or transmission of data to external sources.
  • [PROMPT_INJECTION]: The skill includes a surface for indirect prompt injection as it processes 'user intent' and 'live artifact evidence' (such as Markdown files) to make routing decisions. However, the risk is mitigated by the skill's internal logic, which only permits transitions to a predefined list of 'Allowed next owners' and includes boundary markers to prevent the execution of instructions embedded within those artifacts.

Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 04:09 AM