The Agent Skills Directory

[COMMAND_EXECUTION]: The skill makes extensive use of the Bash tool across various pieces (e.g., default.yaml, backend.yaml, terraform.yaml) to execute developer commands like npm test, terraform plan, and build scripts. This capability is central to the skill's purpose of automating software development workflows.
[EXTERNAL_DOWNLOADS]: The repertoire system facilitates downloading TAKT packages from GitHub repositories using the gh api. The documentation (repertoire.ja.md) outlines specific security constraints, including file type filtering (.md, .yaml, .yml), size limits (1MB), and path traversal protections.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from GitHub Issues and execution logs. However, it employs a 'Faceted Prompting' architecture that separates concerns (Persona, Policy, Instruction, Knowledge) to maintain structure and provides specific anti-hallucination instructions to prevent model laziness.
[CREDENTIALS_UNSAFE]: The documentation provides guidance on using environment variables for API keys (e.g., TAKT_ANTHROPIC_API_KEY) and explicitly warns against hardcoding secrets in Terraform code or configuration files.

takt-optimizer