agent-context-isolation

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides documentation on architectural patterns to improve agent performance and context management. It does not contain any executable scripts or malicious instructions.
  • [COMMAND_EXECUTION]: The rules recommend using standard CLI tools such as ls, find, wc, and bun test to monitor agent progress and verify outputs via the filesystem. These commands are used for coordination and quality assurance purposes.
  • [PROMPT_INJECTION]: The file-based agent pipeline pattern (Rule 5) introduces a surface for indirect prompt injection, as agents are instructed to read files generated by previous agents in the chain.
      • Ingestion points: Agents ingest data from files located in .claude/cache/agents/ (SKILL.md).
      • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' markers when reading these files.
      • Capability inventory: The skill outlines capabilities for file system access via Bash and the creation of sub-tasks via Task (SKILL.md).
      • Sanitization: There are no documented sanitization or validation steps for the content of the intermediate files before they are processed by downstream agents.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 23, 2026, 09:03 AM