overnight-parallel-agent-prompts

Warn

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates highly autonomous, unattended shell execution. It provides specific patterns for backgrounding agent processes (</dev/null) and using non-interactive permission modes (--permission-mode acceptEdits). This pattern allows agents to perform destructive operations or code modifications without real-time human oversight or approval.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its triage workflow. It fetches and processes external data from GitHub issues (gh issue list) which is then interpolated into prompts for unattended execution. An attacker could embed malicious instructions in an issue title or body that might be executed by the overnight agent.
      • Ingestion points: /tmp/gh_issues.json populated via gh issue list.
      • Boundary markers: Instructions lack explicit delimiters or sanitization steps when extracting issue content into prompts.
      • Capability inventory: The skill uses git for commits/pushes, gh for interaction, and autonomous editors like Codex that possess write access to the repository.
      • Sanitization: No validation or escaping is performed on the ingested issue metadata before it is used to drive agent behavior.
  • [REMOTE_CODE_EXECUTION]: The skill uses dynamic execution patterns to bypass standard tool boundaries. This includes using terminal heredocs to execute Python logic (python3 << 'PYEOF') and generating entire implementation prompts that are subsequently executed by other agents. It also recommends using uv run, which can dynamically resolve and execute code from external Python registries.
  • [EXTERNAL_DOWNLOADS]: The skill recommends routing unattended AI operations through third-party providers such as HuggingFace and OpenRouter to avoid 403 errors on standard CLI endpoints. This involves outbound network communication and data transmission to external APIs.
Audit Metadata
  Risk Level: MEDIUM
  Analyzed: Jun 24, 2026, 03:45 AM