The Agent Skills Directory

[COMMAND_EXECUTION]: Shell commands are used via git, gh (GitHub CLI), and package managers (npm, yarn, pnpm, bun) for standard development tasks. This includes the use of !command syntax in SKILL.md for read-only status checks (e.g., git branch, ls .claude/archon/), which is consistent with the skill's development purpose.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from GitHub issues and web research. However, it mitigates this by using HEREDOCs with single-quoted delimiters ('EOF') for shell commands in files like cookbooks/commit.md, cookbooks/issue.md, and cookbooks/pr.md. This sanitization prevents the execution of command sequences embedded in the ingested data. No explicit boundary markers were observed, but the capability inventory is limited to project management and development tools.\n- [DATA_EXFILTRATION]: The skill accesses local project files and GitHub metadata. A security measure is implemented in cookbooks/commit.md to skip .env and credential files during staging, which prevents accidental exposure of sensitive local data during the development process.\n- [SAFE]: No malicious behaviors such as obfuscation, unauthorized network exfiltration, or persistence mechanisms were detected. All external operations target trusted or well-known development services.

archon-dev