coding-router

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a multi-phase workflow (Plan -> Review -> Approve -> Execute) that ensures all changes are vetted by a human user before the agent can perform writes. This is enforced through technical gates in scripts like code-implement, which validates review metadata before proceeding.
  • [COMMAND_EXECUTION]: The skill uses established command-line interfaces (CLIs) such as codex, claude, gemini, and gh to perform its tasks. These tools are executed with explicit timeouts using the timeout command and are often run within tmux for session durability and logging. The execution logic in scripts/safe-fallback.sh provides reliable fallback mechanisms between different AI providers.
  • [PROMPT_INJECTION]: The instructions in SKILL.md and the template files (e.g., plan-system-prompt.txt) use defensive prompt engineering to restrict the agent's capabilities during the planning and implementation phases. They explicitly forbid the use of bypass flags unless requested by the user and set clear boundaries between read-only and write-enabled sessions.
  • [EXTERNAL_DOWNLOADS]: The skill pack provides guidance on installing well-known, reputable tools such as the GitHub CLI (gh), OpenAI's Codex CLI (@openai/codex), and Anthropic's Claude Code CLI (@anthropic-ai/claude-code). These are documented for the user and are not automatically downloaded or executed in a hidden manner.
  • [SAFE]: No evidence of malicious obfuscation, data exfiltration, hardcoded credentials, or persistence mechanisms was found. The skill includes a doctor script for environment validation and smoke-wrappers.sh for verifying the integrity of its own wrapper scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 06:58 AM