skills/simota/agent-skills/arena/Gen Agent Trust Hub

arena

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's primary function is to orchestrate external AI CLIs (codex exec and gemini) via shell commands. This is performed within isolated Git branches and worktrees to ensure filesystem safety and prevent cross-contamination between different implementation variants.
  • [DATA_EXFILTRATION]: The skill enforces data safety through a 'Scope Lock' protocol, explicitly listing sensitive patterns like .env*, package.json, and *.lock as forbidden files that engines are prohibited from accessing or modifying.
  • [PROMPT_INJECTION]: To mitigate the risks of indirect prompt injection from untrusted task specifications, the skill uses structured prompt templates (GOLDE framework). These templates isolate the user-provided specification within a context of strict constraints and explicit 'DO NOT' directives, preventing the engine from following instructions that would violate security boundaries.
  • [REMOTE_CODE_EXECUTION]: The skill relies on locally installed tools from established vendors (OpenAI and Google). There are no instructions for downloading or executing remote scripts or unverified third-party code at runtime.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials or API keys were detected in the skill files. The orchestration logic actively prioritizes the protection of the local environment and development configuration files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 25, 2026, 12:03 PM