skills/sethgammon/citadel/workspace/Gen Agent Trust Hub

workspace

Warn

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | REMOTE_CODE_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands using node and git to manage state and relay discovery data.
      • Executed scripts include: .citadel/scripts/momentum-watch-start.cjs, .citadel/scripts/momentum-read.cjs, .citadel/scripts/discovery-write.cjs, and .citadel/scripts/momentum-synthesize.cjs.
      • Several commands incorporate dynamic arguments such as {session-slug}, {repo-name}, {handoff}, and {decisions}, which are derived from repository content or agent outputs.
  • [REMOTE_CODE_EXECUTION]: The skill relies on an external toolchain located in the .citadel/scripts/ directory. These .cjs files are executed during the skill's lifecycle but their source code is not provided in the skill definition, making their behavior unverifiable.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its multi-repo coordination logic (Category 8).
      • Ingestion points: The skill reads CLAUDE.md from multiple repositories and ingests discovery briefs/handoff blocks (workspace/briefs/) from completed campaigns.
      • Boundary markers: The skill uses === PRIOR SESSION CONTEXT === as a delimiter when injecting momentum data, but does not specify robust sanitization for content pulled from CLAUDE.md or cross-repo contracts.
      • Capability inventory: The skill possesses significant capabilities, including the ability to spawn new agents (/archon, /fleet, /marshal), write to the filesystem, and execute shell scripts.
      • Sanitization: There is no explicit evidence of sanitization for the JSON-formatted data (handoffs, decisions) that is passed as arguments to the discovery-write.cjs script.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 5, 2026, 10:50 AM