ws-orchestrator

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates as a high-level manager, delegating code implementation to specialized sub-agents, which limits its direct interaction with sensitive source code.
  • [COMMAND_EXECUTION]: The skill executes shell and git commands for infrastructure tasks such as creating session directories and managing feature branches. These operations are aligned with its documented role and are necessary for the development lifecycle.
  • [DATA_EXFILTRATION]: The skill reads project-level metadata and configuration files to facilitate environment setup and session persistence. No evidence of unauthorized data access or external transmission was found.
  • [PROMPT_INJECTION]: The skill includes an intentional 'Manual Override' mode for informational queries. The mode carries constraints that prevent unauthorized code modifications during direct interaction.
  • [SAFE]: The skill processes project metadata and user tasks, representing a surface for indirect prompt injection. This is mitigated through structured delegation via the Task() mechanism and strict directory-level write restrictions.
      • Ingestion points: project metadata files and user tasks
      • Boundary markers: structured Task() parameters
      • Capability inventory: shell commands, git commands, and sub-agent delegation
      • Sanitization: slugification of task descriptions for branch names
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 10:10 PM