The Agent Skills Directory

Privilege Escalation (MEDIUM): The document provides instructions on using the permissionMode frontmatter property to disable user confirmation for sensitive tasks. Specifically, the bypassPermissions value allows an agent to skip all permission prompts, while acceptEdits allows it to modify files without intervention, bypassing the agent's primary safety controls.
Metadata Poisoning (LOW): The documentation frames undocumented and potentially unsafe security bypasses as 'features' discovered through 'internal patterns,' which may encourage users to adopt insecure configurations without fully understanding the risks.

subagent-development