skill-writing-plans

Warn

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill generates shell commands for plan execution that invoke a local script, ${HOME}/.claude-octopus/plugin/scripts/orchestrate.sh. Running a local script because an AI instruction says to is risky unless the script's contents and permissions have been verified: the path sits under the user's home directory, so any process running as that user can replace or edit the file, and whatever it contains runs with the user's privileges every time the skill is used.
  • [COMMAND_EXECUTION]: User-defined content (such as the feature name) is interpolated directly into the execution command (e.g., orchestrate.sh tangle "Execute implementation plan for [feature]"). Because the resulting string is parsed by a shell, this pattern is vulnerable to command injection: a feature name containing shell metacharacters such as a double quote followed by a semicolon, backticks, or $(...) can close the quoted argument and run arbitrary commands as the user. The fix is to pass the feature name as a separate argument rather than splicing it into a command string, and to validate it against an allow-list of expected characters before use.
  • [PROMPT_INJECTION]: The instructions use restrictive and forceful phrasing including "MANDATORY COMPLIANCE", "DO NOT SKIP", and "PROHIBITED". These are common patterns in prompt injection, used to try to override the AI's core safety guidelines or system instructions. Even when such phrasing is meant only to enforce a workflow, it is indistinguishable from an attempt to override higher-priority instructions, which is why it is flagged.
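The following is an added example, not code from the audited skill or from the claude-octopus project. It reproduces the pattern behind the second COMMAND_EXECUTION finding: a user-supplied feature name spliced into a command string that a shell then re-parses, next to the argv-based form that is not injectable and an allow-list check. `fake_orchestrate` is a hypothetical stand-in for orchestrate.sh (which is not used here); it only reports how many arguments reached it and what the description argument contained. The payload and the permitted character set are constructed for the example.

```shell
#!/usr/bin/env bash
# Added example, not part of the audited skill. Demonstrates command injection
# through string interpolation of a feature name, and the hardened alternative.

# Hypothetical stand-in for orchestrate.sh: $1 is the subcommand (e.g. "tangle"),
# $2 the plan description. It prints argc and the description it received.
fake_orchestrate() {
  printf 'argc=%d description=%s\n' "$#" "${2-}"
}

# VULNERABLE: the feature name is interpolated into one string which is then
# handed to the shell for parsing. `eval` stands in for any such path
# (bash -c "$cmd", an agent's shell tool, and so on). A double quote in the
# name closes the description string and everything after it runs as a
# separate command.
run_plan_unsafe() {
  local feature="$1"
  local cmd="fake_orchestrate tangle \"Execute implementation plan for ${feature}\""
  eval "$cmd"
}

# HARDENED: the description is passed as a single argv element. The feature
# name is never re-parsed by the shell, so ; " ` and $( ) stay literal text.
run_plan_safe() {
  local feature="$1"
  fake_orchestrate tangle "Execute implementation plan for ${feature}"
}

# Defence in depth: allow-list the name before it reaches any command.
# The permitted set (letters, digits, space, . _ -) is an assumption about what
# a feature name should look like, not a rule taken from the skill.
validate_feature_name() {
  case "$1" in
    ''|*[!A-Za-z0-9._' '-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Constructed malicious input: closes the double quote, appends two commands,
# then reopens a quote so the trailing \" in the template still balances.
PAYLOAD='x"; echo INJECTED; echo "y'

echo "--- unsafe: three lines, the two injected echos execute ---"
run_plan_unsafe "$PAYLOAD"
echo "--- safe: one line, payload arrives as literal text ---"
run_plan_safe "$PAYLOAD"
echo "--- allow-list ---"
validate_feature_name "$PAYLOAD" && echo "accepted" || echo "rejected: $PAYLOAD"
```

The argv form is the actual fix; the allow-list is a second layer for the case where the name is later written into a file or log that some other tool parses.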
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 9, 2026, 06:35 AM