skills/posit-dev/skills/implement/Gen Agent Trust Hub

implement

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to manage git state, including branch verification, fetching updates, rebasing, and committing changes across all reference instruction files. These are standard development operations for an implementation orchestrator.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and interprets external plan files to drive its logic and generate instructions for sub-agents.
      • Ingestion points: The orchestrator reads a markdown plan file from a user-provided path ($path) in references/claude-code.md, references/copilot-cli.md, and references/generic.md.
      • Boundary markers: The instructions do not define clear delimiters or "ignore instructions" warnings when processing the untrusted plan content.
      • Capability inventory: The agent can execute git commands and dispatch sub-agents with significant capabilities via tools like Agent (Claude Code) and task (Copilot CLI).
      • Sanitization: There is no evidence of sanitization or validation of the plan file content before it is interpolated into prompts for sub-agents.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 07:36 PM