wf6-verify

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands extracted from the .wf/config.json file under specific keys such as verify.test, verify.build, and verify.lint. If this file is manipulated, the result is arbitrary command execution.
  • [COMMAND_EXECUTION]: The skill includes fallback logic that automatically executes CLI tools like npm, pytest, go, and cargo based on the detection of project files (e.g., package.json, pyproject.toml, go.mod).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes content from untrusted project files to determine success criteria.
      • Ingestion points: The skill reads content from 01_KICKOFF.md, .wf/config.json, and state.json.
      • Boundary markers: There are no explicit markers or instructions to isolate or ignore instructions that may be embedded in these ingested files.
      • Capability inventory: The skill has the capability to execute shell commands and write to the state.json file.
      • Sanitization: The skill does not appear to sanitize or validate file content before using it in logic or as command arguments.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 11:35 PM