The Agent Skills Directory

[COMMAND_EXECUTION] (SAFE): The skill utilizes the Bash tool to run ls commands. These operations are restricted to listing directory contents and verifying the presence of specific files within the conductor/ path, which is consistent with the skill's stated purpose.
[DATA_EXPOSURE] (SAFE): While the skill reads local project metadata files (e.g., product.md, tech-stack.md), there are no network capabilities or external endpoints defined. Data remains local to the execution environment.
[INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to ingest and validate contents from a local directory which could theoretically contain untrusted data.
Ingestion points: Files in conductor/ directory.
Boundary markers: None present.
Capability inventory: Bash, Read, Grep, Glob tools are enabled.
Sanitization: No specific sanitization of file content is performed. However, as the intended use is local project validation, the risk is negligible.

conductor-validator