by-harness

Warn

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/update_runtime.py is configured to fetch a version manifest and various project files, including Python and Shell scripts, from a remote GitHub repository (https://raw.githubusercontent.com/xmzDesign/santong-skill). This behavior is enabled by default in the update-policy.json configuration.
  • [REMOTE_CODE_EXECUTION]: The update mechanism downloads executable content and overwrites local scripts in .harness/scripts/ and automated hooks in .claude/hooks/ and .codex/hooks/. These scripts are subsequently executed by the agent environment to enforce project workflows and coding conventions.
  • [COMMAND_EXECUTION]: Multiple Python scripts, including scripts/ensure_task_branch.py and scripts/task_switch.py, use the subprocess module to execute system commands for Git repository state tracking and for running other local Python scripts.
  • [PROMPT_INJECTION]: The skill reads untrusted data from task description files (.harness/task-harness/features/*.json) and interpolates it into the agent's context. Because these descriptions are not rigorously sanitized, they are a potential surface for indirect prompt injection that could influence the agent's behavior during the 'Plan' and 'Build' phases.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 9, 2026, 05:46 AM