agent-teams

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines a robust development framework where specialized agents handle specific phases of a software lifecycle (Spec, Test, Implement, Review, Security). This distribution of concerns and mandatory review gates provides a secure environment for AI-assisted coding.
  • [COMMAND_EXECUTION]: Several agents (quality-agent, security-agent, review-agent, feature-agent) use the Bash tool to perform legitimate development tasks. These include running project test suites, linters (ESLint, Ruff), and type checkers (TypeScript, mypy). The merger-agent uses the GitHub CLI (gh) to manage feature branches and create Pull Requests. All observed command patterns are consistent with the skill's stated purpose.
  • [DATA_EXFILTRATION]: No patterns of unauthorized data exposure were found. The skill specifically includes a security-agent tasked with detecting and blocking hardcoded secrets (API keys, tokens, passwords) and common OWASP vulnerabilities (SQL injection, XSS) before any code can be merged into the main branch.
  • [PROMPT_INJECTION]: The instructions for the various agents are well-defined and focused on task execution within the pipeline. There are no attempts to override agent behavior, bypass safety guidelines, or extract system prompts.
  • [REMOTE_CODE_EXECUTION]: The skill does not perform any remote script downloads or dynamic execution of code from external URLs. All tool usage is directed at standard, locally installed development utilities and the project's own codebase.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 08:26 PM