skills/huangwb8/skills/parallel-vibe/Gen Agent Trust Hub

parallel-vibe

Warn

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/parallel_vibe.py executes arbitrary CLI commands (such as claude, codex, or shell templates) based on a generated or user-provided plan. It explicitly configures these tools to bypass user confirmation and safety prompts (e.g., --dangerously-skip-permissions for Claude and --ask-for-approval never for Codex).
  • [REMOTE_CODE_EXECUTION]: The local runner functionality in scripts/parallel_vibe.py dynamically generates and executes Python code at runtime using sys.executable -c for testing purposes.
  • [DATA_EXFILTRATION]: The skill's core mechanism copies the entire current workspace into multiple thread-specific subdirectories. This process may duplicate sensitive files (like .env or credentials) if they are not explicitly listed in the copy_exclude configuration, increasing the local exposure surface.
  • [DATA_EXFILTRATION]: The SKILL.md file contains instructions for the agent to use the GitHub CLI (gh) to upload bug reports to an external repository (huangwb8/bensz-bugs) when specifically requested by the user.
  • [PROMPT_INJECTION]: The skill provides a significant surface for indirect prompt injection, where malicious instructions in a processed user prompt could influence the high-privilege sub-agents.
      • Ingestion points: User-controlled inputs via the --prompt and --plan-file arguments in scripts/parallel_vibe.py.
      • Boundary markers: The script uses the wrap_thread_prompt function to prepend instructional 'soft guards' to the sub-agent prompts; however, these are not technically enforced and can be bypassed by a sophisticated injection.
      • Capability inventory: The system can execute arbitrary shell commands via subprocess.Popen and interact with powerful CLI agents that have safety filters partially disabled.
      • Sanitization: While the script uses shlex.quote to escape the prompt for shell execution, it does not validate or sanitize the content of the instructions being passed to the sub-agents.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 3, 2026, 04:10 PM