ln-500-story-quality-gate

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill specifies a fallback mechanism in the 'Paths' section of SKILL.md to fetch missing components from a remote GitHub repository (https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}). This involves downloading reference files and scripts that are subsequently used during runtime orchestration.
  • [COMMAND_EXECUTION]: The skill instructions require the execution of various shell commands. Specifically, it uses node to run local scripts (e.g., shared/scripts/story-gate-runtime/cli.mjs) to manage state and checkpoints. It also performs Git branch management, including committing and pushing verified branches in Phase 7 of the workflow.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection (Category 8) as it ingests and processes untrusted external data which could influence its logic and downstream actions.
      • Ingestion points: The skill loads Story metadata, child task metadata, and code diffs during the Discovery and Quality Check phases (Phases 1, 3, and 6).
      • Boundary markers: There are no explicit delimiters or specific instructions to ignore malicious content embedded within the story requirements or code changes being reviewed.
      • Capability inventory: The skill possesses the ability to execute shell commands (node), perform file writes (.hex-skills/), and execute Git operations (git commit/push).
      • Sanitization: The instructions do not specify any validation or sanitization steps for the ingested metadata or Acceptance Criteria before they are processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 25, 2026, 07:31 PM