The Agent Skills Directory

[SAFE]: No malicious patterns or security risks were identified in the skill's instructions or scripts. The skill follows established patterns for a coding assistant and task manager.\n- [COMMAND_EXECUTION]: Performs Git commands including fetch, pull, add, and commit to synchronize the repository and archive completed tasks. These operations are restricted to the local repository and its configured remote.\n- [COMMAND_EXECUTION]: Executes a provided shell script (scripts/new_task_change.sh) to scaffold directories and markdown files. The script is bundled with the skill and performs only standard file system operations.\n- [PROMPT_INJECTION]: The skill has an ingestion surface for Indirect Prompt Injection (Category 8) as it reads task definitions and specifications from local files such as tasks.md and those within the openspec/ directory. Ingestion points: tasks.md and openspec/ files; Boundary markers: absent; Capability inventory: Git operations, file writes, and directory creation; Sanitization: absent. This risk is inherent to the skill's primary purpose as a task executor and is documented as a functional requirement rather than a malicious vector.

openspec-task-loop