agent-swarm

Pass

Audited by Gen Agent Trust Hub on May 24, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/swarm_run.py utility uses subprocess.run to orchestrate parallel tasks by invoking CLI agents (Claude, Gemini, or Copilot). The implementation correctly passes argument lists and uses shlex.split to mitigate common shell injection risks when handling file paths and user-supplied variables.
  • [COMMAND_EXECUTION]: The framework allows for arbitrary shell command execution via post_cmd and check_cmd templates defined in Markdown-based job files. This is a core feature enabling post-processing and result caching within the swarm orchestration workflow.
  • [EXTERNAL_DOWNLOADS]: The documentation in personas/README.md recommends the configuration of Model Context Protocol (MCP) servers. These references target official and well-known organizations, including Microsoft (@playwright), Upstash (@upstash), and the official Model Context Protocol organization. These are considered safe, well-known services.
  • [PROMPT_INJECTION]: The skill processes untrusted files through a 'Parallel Agent' pattern. In scripts/swarm_run.py, it implements boundary markers (e.g., prepending 'Instruction:' to the content) to help sub-agents distinguish between system instructions and data, reducing the surface for indirect prompt injection.
  • [COMMAND_EXECUTION]: The hooks/closure-guard.sh script uses sed and jq for session state management, preventing the agent from exiting a session before completing the required 'Seal' and 'Persist' operations. This ensures process integrity for long-running multi-agent loops.
Audit Metadata
Risk Level: SAFE
Analyzed: May 24, 2026, 08:27 AM
Security Audit — agent-trust-hub — agent-swarm