The Agent Skills Directory

[SAFE]: The skill uses Read, Glob, and Grep tools to gather context from the repository, such as the tech stack and development status markers (e.g., TODOs). These actions are legitimate project management functions and involve no external data transfer.- [SAFE]: No network activity, external downloads, or remote code execution were identified. The skill does not communicate with external domains or execute scripts.- [SAFE]: The skill identifies potentially sensitive information like hardcoded credentials as part of its checklist generation pass, but it does not exfiltrate this data or use it maliciously.- [SAFE]: The skill's indirect prompt injection surface is categorized as safe given its intended use. It processes local project files to generate a report, with no high-risk capabilities like network access or arbitrary command execution.
Ingestion points: Reads CLAUDE.md, milestone/release files, and codebase via Grep for development markers.
Boundary markers: Absent; there are no specific delimiters used to isolate processed file content from the agent's instructions.
Capability inventory: Limited to Write for saving the local markdown report.
Sanitization: Content is summarized into a markdown checklist without specialized filtering.

launch-checklist