The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes external data from GitHub issues and comments, creating a potential surface for indirect prompt injection.
Ingestion points: The orchestrator fetches issue titles, bodies, and comments via the gh CLI in the select_issues and write_drop functions within scripts/afk.sh.
Boundary markers: AGENT-PROMPT.md instructs the agent to treat the provided agent brief as the authoritative contract, though the original issue body is still provided for context.
Capability inventory: The orchestrator and inner agents can execute shell commands through project-specific pnpm scripts (test, lint, build) and git operations. The codex runner is specifically granted full access within its isolated worktree.
Sanitization: Content retrieved from GitHub is not explicitly sanitized before being passed to the agent, relying on the internal safety rules and instructions for mitigation.
[COMMAND_EXECUTION]: The skill executes various shell commands to automate the issue-resolution lifecycle and validate code changes.
The orchestrator automatically runs pnpm test, pnpm typecheck, pnpm lint, and pnpm build within isolated worktrees to verify the agent's implementations.
scripts/afk.sh utilizes git and gh to manage repository state, including creating worktrees, merging branches, and closing issues.
The codex runner is invoked with the --dangerously-bypass-approvals-and-sandbox flag to facilitate unattended autonomous operation, as documented in runner-codex.md.
[EXTERNAL_DOWNLOADS]: The skill interacts with GitHub to synchronize code and manage issue tracking data.
It performs git fetch and git push operations over SSH to manage the remote main branch state.
It uses the GitHub CLI (gh) to fetch issue metadata and post status updates. All network operations are conducted with well-known GitHub services and repositories.

afk