The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where data from task descriptions and dependency reports are processed and used to generate instructions for implementing workers.
Ingestion points: Task specifications are retrieved via br show <TASK_ID> --json and previous task results are read using br comments list <DEP_ID> --json as described in references/execution-operations.md and references/worker-prompt-guide.md.
Boundary markers: The references/worker-prompt-guide.md uses a Markdown template with clear headers (e.g., # Task, ## Strategy Context) to provide structure and partial isolation for ingested content.
Capability inventory: The skill uses project-specific CLI tools for state management, interacts with a file reservation API, and utilizes a dispatch_worker mechanism to delegate tasks to other implementation-capable agents.
Sanitization: There is no evidence of explicit sanitization or escaping of the ingested task data before it is interpolated into worker prompts.
[COMMAND_EXECUTION]: The skill makes extensive use of local CLI tools br (Bead Runner) and bv (Bead Viewer) to manage task lifecycle, update bead labels, and query dependencies within the local project environment, as documented in the operational playbooks.

beo-executing