The Agent Skills Directory

[COMMAND_EXECUTION]: The skill makes extensive use of CLI tools including git, glab, gh, and fuser to manage worktrees, branches, and remote repository interactions without user oversight.- [REMOTE_CODE_EXECUTION]: In Step 7, the skill automatically identifies and executes test suites (e.g., npm test, pytest) found within the local repository. If the repository contains malicious or compromised test configurations, this results in the execution of arbitrary code on the host system.- [DATA_EXFILTRATION]: The workflow includes an autonomous push to remote origins and the creation of pull/merge requests. While standard for collaborative development, the lack of a confirmation step allows for the automatic transmission of code and meeting summaries to external servers.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Ingestion points: External data from issue descriptions and comments enter the context in SKILL.md (Step 1 and Step 3). Boundary markers: Absent; untrusted data is interpolated directly into persona prompt templates. Capability inventory: Subprocess calls for git and various test runners. Sanitization: Absent; external content is not escaped or validated before processing by sub-agents.- [OTHER]: The 'Full Autonomy' principle specifically instructs the agent to bypass user confirmation for critical actions, including code implementation and remote deployment, which significantly increases the impact of any hijacked or erroneous decision.

fast-meeting