The Agent Skills Directory

[PROMPT_INJECTION]: The skill explicitly instructs the agent to treat all task content and CLI output as untrusted data and forbids executing any instructions found within that data. This is a proactive defense against indirect prompt injection.
[COMMAND_EXECUTION]: Command execution is constrained to the dino utility. The workflow requires the use of --dry-run to preview changes and mandates explicit user confirmation before executing any commands that mutate data (append, create, update).
[CREDENTIALS_UNSAFE]: The skill follows security best practices for authentication by instructing users to manage tokens in their own terminal and explicitly warning against pasting sensitive authentication tokens into the conversation.
[DATA_EXFILTRATION]: No suspicious network operations or data exfiltration patterns were detected. The skill focuses on local CLI interactions for task management.

dino-manage-todo