ladder-execute
Audited by Socket on Feb 23, 2026
1 alert found:
Obfuscated File
The document is a coherent execution workflow for implementing Ladder specs and enforces strong operational discipline (plan mode, one-step-one-commit, evidence requirement). It does not contain explicit malicious code, obfuscated payloads, or destructive commands. However, its mandatory practice of inlining 'ALL context' into delegated sub-agent prompts, together with default delegation for medium/large steps, creates a significant data-exfiltration risk: secrets, private files, and sensitive repository contents can be sent to an unspecified Task tool endpoint. Persisting command outputs into progress.md increases the chance that sensitive runtime data will be stored in git history. Recommend treating this policy as high-risk until mitigations (context minimization, redaction, trusted Task tool policies, secret scanning before packaging and before committing) are implemented. Operationally safe use requires explicit controls and either a trusted, local-only Task tool or strict allowlists and redaction rules.