agent-team-orchestration

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
NO_CODE
Full Analysis
  • [NO_CODE]: The skill consists entirely of markdown documentation, playbooks, and configuration files. It does not contain any executable Python scripts, Node.js packages, or binary files.
  • [INDIRECT_PROMPT_INJECTION]: The orchestration patterns described in the skill rely on agents reading and processing data (specifications, research, and artifacts) written to a shared directory by other agents, which establishes a surface for indirect prompt injection.
      • Ingestion points: Agents are instructed to read from a shared workspace directory structure (e.g., /shared/specs/, /shared/artifacts/, and /shared/decisions/) as outlined in references/communication.md and references/team-setup.md.
      • Boundary markers: The skill recommends using SOUL.md identity files and structured handoff templates to define agent roles and expectations, but it does not specify technical delimiters or filtering to prevent the execution of instructions embedded in shared data.
      • Capability inventory: The workflow leverages standard agent capabilities including sessions_spawn for task delegation and sessions_send for direct inter-agent messaging.
      • Sanitization: The provided playbook does not include instructions for sanitizing, escaping, or validating the content of shared artifacts before they are consumed by other agents in the pipeline.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 10:14 PM