skill-orchestrator

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns such as prompt injection, data exfiltration, or unauthorized command execution were detected.
  • [DATA_EXPOSURE]: The skill reads project-level metadata from specs/state.json and TODO.md. This is required for task lookup and status validation. No access to sensitive user credentials or system configurations was found.
  • [COMMAND_EXECUTION]: The skill uses the Task tool to delegate work to other skills. This is an architectural component of the multi-agent system and does not involve arbitrary shell command execution.
  • [PROMPT_INJECTION]: The skill processes project-specific data which could potentially contain indirect prompt injections (Category 8). However, the orchestrator has strict tool restrictions (it cannot edit files or run build commands), which limits the impact of such injections at this stage of the pipeline.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 27, 2026, 12:36 AM