autonomous-dispatcher

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill orchestrates agent processes locally and remotely using the gh CLI and AWS Systems Manager (aws ssm). It implements defensive validation in scripts/dispatch-remote-aws-ssm.sh and scripts/dispatcher-multi-tick.sh to prevent shell injection by blocking metacharacters in operator-controlled values.
  • [PROMPT_INJECTION]: The skill processes GitHub issue bodies and comments, which are untrusted data sources. It mitigates indirect prompt injection risks by wrapping external data in <user-issue-content> tags and providing explicit system instructions to the agent to treat such content as feature specifications rather than executable instructions.
  • [DATA_EXFILTRATION]: The skill handles GitHub App installation tokens and private keys. Security is maintained through the use of atomic file operations and restrictive directory permissions (mode 700) for token storage. Additionally, agent log files are created with restrictive permissions (mode 600) to prevent local exposure of potentially sensitive agent output.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 07:03 PM