The Agent Skills Directory

[No Code] (SAFE): The skill consists entirely of Markdown instructions and metadata. It does not ship with any Python, Node.js, or shell scripts, nor does it define any executable functions or tools.- [Command Execution] (SAFE): While the skill mentions command-line flags in metadata (e.g., --archive, --delete), these are hints for the agent to interpret and act upon using its own file management capabilities rather than hardcoded shell commands.- [Indirect Prompt Injection] (LOW): The skill identifies an attack surface by instructing the agent to process external files like tracks.md and implementation-playbook.md. * Ingestion points: tracks.md, resources/implementation-playbook.md. * Boundary markers: Not specified. * Capability inventory: File read/write/delete. * Sanitization: None described. * Risk: Since the skill relies on the agent's interpretation of these files, there is a minor risk of indirect prompt injection if the project files are sourced from an untrusted collaborator.

conductor-manage