The Agent Skills Directory

[COMMAND_EXECUTION]: The wt.sh script executes shell commands retrieved from project-level configuration files. Evidence: The script uses eval to run the setup and archive scripts defined in conductor.json located within the target repository.
[REMOTE_CODE_EXECUTION]: This mechanism allows an untrusted repository to achieve remote code execution on the user's machine if the agent processes the repository using this skill. Mandatory Evidence Chain: 1. Ingestion points: conductor.json and .context/handoff.md in the target repository; 2. Boundary markers: None; 3. Capability inventory: Shell execution via eval and UI automation via osascript; 4. Sanitization: None performed on the scripts extracted from the JSON file.
[COMMAND_EXECUTION]: The skill uses macOS osascript to perform keystroke injection into terminal applications. Evidence: The open_terminal_tab function in scripts/wt.sh automates terminals by sending commands via keystroke, which can be influenced by project files or command-line arguments.
[DATA_EXFILTRATION]: The skill automatically copies sensitive environment files between repo directories. Evidence: The copy_env_files function in scripts/wt.sh handles .env, .env.local, and .dev.vars files, exposing potentially sensitive credentials.

git-worktree