skills/orziz/aiskills/odai/Gen Agent Trust Hub

odai

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE

Findings: COMMAND_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to perform shell operations for version control (git), project automation (scripts/skill-sync.js), and development tasks (npm, build, test). These capabilities are strictly context-bound to the local repository and are managed by instructions that mandate intent verification before any execution.
  • [SAFE]: The skill incorporates a 'Dao' (Taoist) control layer that forces the agent to differentiate between 'Confirmed Goals', 'Assumptions', and 'Facts'. This reasoning structure acts as a logical guardrail against hallucinated requirements or accidental autonomous actions.
  • [SAFE]: Security-conscious rules are embedded in the 'skill-sync' module, which requires the agent to use a local script as the 'unique truth of execution' and explicitly forbids the LLM from manually rewriting configuration files or expanding arguments during synchronization, thereby preventing potential injection or corruption of project settings.
  • [SAFE]: The skill exhibits an attack surface for indirect prompt injection, since it is designed to analyze external code and user-provided documentation for reviews and debugging. However, this is mitigated by a mandatory evidence chain: 1) ingestion points are localized to repository code and user attachments; 2) boundary markers are established through a structured terminology baseline and mandatory first-round confirmation; 3) capabilities such as file writing are gated by explicit user consent; 4) sanitization is performed through process-level verification, where the agent must list unconfirmed points and wait for a user response before proceeding.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 17, 2026, 07:56 AM