The Agent Skills Directory

COMMAND_EXECUTION (MEDIUM): The project-analyst, team-configurator, and tech-lead-orchestrator sub-agents are granted access to the Bash tool. These agents use Bash to scan directory structures and sample code files. This presents a risk of command injection if the agent is tricked into executing commands derived from maliciously crafted filenames or file contents within an analyzed project.
PROMPT_INJECTION (LOW): The skill exhibits a high surface area for Indirect Prompt Injection (Category 8) due to its core purpose of analyzing untrusted external data.
Ingestion points: project-analyst.md (package manifests, source code sampling), team-configurator.md (dependency files, build configurations), tech-lead-orchestrator.md (project requirements and codebase analysis).
Boundary markers: Absent. The instructions do not specify the use of delimiters or warnings to the agent to disregard instructions found within the files it reads.
Capability inventory: Bash (command execution), WriteFile (filesystem modification), WebSearch (network access).
Sanitization: Absent. Data read from the environment is processed directly to generate reports and configuration updates (e.g., modifying CLAUDE.md), providing a path for malicious instructions in the project to influence agent behavior.

project-management-specialist