skills/saltbo/agent-kanban/ak-plan/Gen Agent Trust Hub

ak-plan

Warn

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform extensive project management tasks, including initializing repositories with Git, interacting with the agent-kanban (ak) and GitHub (gh) CLIs, and running framework-specific initialization commands.
  • [EXTERNAL_DOWNLOADS]: During project scaffolding, the skill is instructed to install all project dependencies using local package managers (e.g., npm or pip). It also utilizes the GitHub CLI to clone remote repositories.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically generates Agent YAML configurations and applies them using the ak apply command. This process defines the logic, tools, and behavior policies for worker agents at runtime. Additionally, it specifies the installation of remote skills using the <source>@<skill> format.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from the local project and external tools.
      • Ingestion points: The skill reads and analyzes CLAUDE.md, CONTRIBUTING.md, Git commit history, pull request diffs, and task notes from workers.
      • Boundary markers: The instructions do not specify any delimiters or safety prompts to prevent the agent from being influenced by instructions embedded within these files.
      • Capability inventory: The agent-kanban leader has significant capabilities, including arbitrary shell execution via Bash, the ability to create and modify other agents, and authority to merge code via the GitHub CLI.
      • Sanitization: There is no evidence of sanitization or verification of the content extracted from external files before it is used to inform the agent's planning and review decisions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 9, 2026, 12:03 PM