The Agent Skills Directory

[COMMAND_EXECUTION]: The skill employs a Python script (scripts/maintain_project_roadmap.py) for auditing and updating roadmap files. Analysis confirms the script uses standard library modules (pathlib, re, argparse) for local file manipulation and does not utilize dangerous execution functions like os.system, subprocess, eval, or exec on external inputs.
[DATA_EXFILTRATION]: No network operations, external API calls, or data exfiltration patterns were found. The script's operations are strictly confined to reading and writing local files within the user-specified project directory.
[REMOTE_CODE_EXECUTION]: The skill does not download external scripts or execute remote code. It relies on a self-contained local Python script with no third-party dependencies.
[PROMPT_INJECTION]: The skill's instructions and reference documents establish clear operational boundaries and guardrails. It explicitly forbids the agent from performing auto-commits, pushing code, or editing files outside of the target ROADMAP.md. No adversarial prompt overrides or bypass patterns were identified.

maintain-project-roadmap