clarify
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local bash scripts for state management using 'bash {CWF_PLUGIN_DIR}/scripts/cwf-live-state.sh'. These operations are used to set phase information and resolve session directories.
- [EXTERNAL_DOWNLOADS]: The workflow includes a 'Web Researcher' sub-agent that utilizes 'WebSearch' and 'WebFetch' tools to retrieve information from external websites and expert documentation.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) due to the processing of untrusted data.
  * Ingestion points: User-provided requirements, 'next-session.md' context, and arbitrary data retrieved from the codebase and web search results.
  * Boundary markers: Employs template variables like '{requirement}' and '{summarized outputs}' to pass data to sub-agents, which provides limited structural separation.
  * Capability inventory: Includes filesystem access, local command execution (bash), and the ability to spawn sub-agents with various tool permissions.
  * Sanitization: Lacks explicit sanitization or validation of external data before it is interpolated into instructions for sub-agents.