skills/rysweet/amplihack/multitask/Gen Agent Trust Hub

multitask

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The orchestrator.py script utilizes subprocess.Popen and subprocess.run to manage git operations, GitHub CLI interactions, and the execution of workstream launchers. This is a core feature for parallelizing development workflows.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically generates Python (launcher.py) and shell (run.sh) scripts at runtime to facilitate workstream isolation. It mitigates injection vulnerabilities by using json.dumps and shlex.quote to sanitize user-provided task and recipe names before insertion into these scripts.
  • [EXTERNAL_DOWNLOADS]: To ensure clean work environments, the skill clones the current repository into /tmp subdirectories using the git clone command. The target URL is retrieved from the local repository's git remote configuration.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests task descriptions from external workstreams.json files or user input and passes them to child agent sessions.
      • Ingestion points: workstreams.json configuration and inline markdown task lists.
      • Boundary markers: Instructions are placed in TASK.md or passed via user_context in Python, providing limited separation from system instructions.
      • Capability inventory: The orchestrator can execute any recipe which may include subprocess calls and filesystem access via the CLISubprocessAdapter (orchestrator.py).
      • Sanitization: Input strings are escaped using json.dumps and shlex.quote during the script generation phase.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 14, 2026, 03:25 PM