APEX Methodology

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill initializes local workflow tracking by creating a .claude/apex directory and state files (task.json) using shell commands for project-specific task management.
  • [COMMAND_EXECUTION]: PostToolUse hooks monitor the Edit and Write tools, executing local commands to provide structured JSON feedback that enforces workflow rules and blocks actions until validation is performed.
  • [EXTERNAL_DOWNLOADS]: Methodology guides reference standard technology stacks and package registries such as npm and Composer as part of the intended development workflow.
  • [PROMPT_INJECTION]: The skill's core function of analyzing codebase content creates an indirect prompt injection surface.
    • Ingestion points: The skill uses exploration tools to read project source code during the analysis phase (references/01-analyze-code.md).
    • Boundary markers: No delimiters are explicitly used to isolate ingested code content from the agent's instructions.
    • Capability inventory: The agent has access to Edit, Write, and command tools.
    • Sanitization: The workflow relies on multi-phase validation (sniper agent) rather than input sanitization.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 11:02 AM