
autopilot

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill explicitly allows the Bash tool and executes commands such as npm run build, npm run lint, and npm test during the QA phase. These commands execute logic defined in project configuration files that the agent has the capability to modify.
  • [REMOTE_CODE_EXECUTION] (MEDIUM): The workflow has an Atlas or Junior agent generate code and unit tests (Phase 2) which are then executed immediately (Phase 3). This 'write-then-execute' pattern allows arbitrary generated code to run with no mandatory human review between code creation and execution.
  • [Dynamic Execution] (MEDIUM): The skill uses Playwright for UI verification. This launches a browser and runs automated scripts to capture screenshots, which are then analyzed by Gemini; that analysis can be manipulated if the UI under test contains malicious elements.
  • [Indirect Prompt Injection] (LOW): The skill is a surface for indirect injection as it processes a user request to generate specifications and plans that drive downstream execution.
  • Ingestion points: The initial user request provided via the /autopilot command (e.g., File: SKILL.md).
  • Boundary markers: No explicit delimiters or safety instructions are defined to separate user intent from the instructions provided to the sub-agents (Metis, Prometheus, etc.).
  • Capability inventory: The skill has access to the Bash tool, file system modification tools (TaskCreate, TaskUpdate), and web automation via Playwright.
  • Sanitization: There is no evidence of input sanitization or validation of the generated specifications before they are passed to the planning and execution agents.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:39 PM