implementing-as-tachikoma

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration attempts were detected. The skill establishes a highly defensive operational posture for an automated developer agent.
  • [NO_CODE]: The skill is composed exclusively of Markdown documentation and reference files. It does not include any executable scripts, code, or configuration files that could be run directly.
  • [COMMAND_EXECUTION]: The instructions guide the agent to use shell commands for standard development activities, such as running test suites ('npm test'), performing linting, and cleaning up temporary build artifacts (e.g., 'rm -rf .next/'). These operations are appropriately scoped to the development task.
  • [EXTERNAL_DOWNLOADS]: The skill uses various search and documentation MCP tools (kagi, firecrawl, context7) to retrieve technical specifications and requirements from the internet. These are standard research tools for development agents.
  • [PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection because it processes data from external web searches and local files.
    • Ingestion points: task instructions from the lead agent, external documentation fetched via search tools, and analysis of the existing codebase.
    • Boundary markers: the agent relies on structured reporting templates and hierarchical task management to maintain context boundaries.
    • Capability inventory: full file system access, shell command execution, and network access for research purposes.
    • Sanitization: the workflow mandates a security scan with CodeGuard on all code modifications before task completion (a scan of the agent's output, not of the ingested content, so it does not neutralize injected instructions before they reach the model).
  • [CREDENTIALS_UNSAFE]: The workflow describes copying '.env' files between Git worktrees to keep the development environment consistent. No credentials are hardcoded, but the agent is instructed to handle files that typically contain sensitive environment secrets.
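The [CREDENTIALS_UNSAFE] finding names the risk but no control. What follows is an added example, not code from the audited skill or from the Trust Hub report: a pre-copy check that parses a '.env' file, flags entries whose key name or value shape looks like a credential, and renders a copy for the new worktree with those values blanked so they have to be supplied deliberately rather than carried along. The key-name and value patterns are heuristic assumptions, and the sample file is constructed.

```python
"""Added example (not part of the audited skill or the Trust Hub report):
flag secret-looking entries in a .env file before it is copied between Git
worktrees, and render a copy with those values blanked."""
import re
from typing import Dict, List, Tuple

# Heuristic key-name fragments that usually denote a credential (assumption).
SECRET_KEY_PATTERN = re.compile(
    r"SECRET|TOKEN|PASSWORD|PASSWD|PRIVATE_KEY|API_KEY|ACCESS_KEY|CREDENTIAL", re.I
)

# Heuristic value shapes that look like credentials even under a benign key name.
SECRET_VALUE_PATTERNS = [
    re.compile(r"^(sk|pk|ghp|xox[bp])_[A-Za-z0-9_-]{10,}$"),      # vendor-prefixed tokens
    re.compile(r"^AKIA[0-9A-Z]{16}$"),                             # AWS access key id shape
    re.compile(r"^-----BEGIN [A-Z ]*PRIVATE KEY-----"),            # PEM private key
    re.compile(r"^[a-z][a-z0-9+.-]*://[^:/\s]+:[^@/\s]+@"),        # URL with user:password@
    re.compile(r"^[A-Za-z0-9+/=]{40,}$"),                          # long base64-like blob
]


def parse_env(text: str) -> Dict[str, str]:
    """Parse KEY=VALUE lines; skip blanks and comments, drop 'export ', strip matching quotes."""
    env: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        if line.startswith("export "):
            line = line[len("export "):]
        key, _, value = line.partition("=")
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key.strip()] = value
    return env


def classify(env: Dict[str, str]) -> Tuple[List[str], List[str]]:
    """Split keys into (secret_like, safe) using the key-name and value heuristics."""
    secret: List[str] = []
    safe: List[str] = []
    for key, value in env.items():
        if SECRET_KEY_PATTERN.search(key) or any(p.match(value) for p in SECRET_VALUE_PATTERNS):
            secret.append(key)
        else:
            safe.append(key)
    return secret, safe


def redacted_copy(env: Dict[str, str], secret_keys: List[str]) -> str:
    """Render the file for the new worktree: secret-like keys are kept, their values blanked."""
    blank = set(secret_keys)
    lines = [f"{k}=" if k in blank else f"{k}={v}" for k, v in env.items()]
    return "\n".join(lines) + "\n"


# Constructed sample .env; none of these values are real credentials.
SAMPLE_ENV = """\
# app settings
NODE_ENV=development
PORT=3000
DATABASE_URL="postgres://app:s3cret@localhost:5432/app"
export STRIPE_SECRET_KEY=sk_test_0123456789abcdefghij
AWS_ACCESS_KEY_ID=AKIAEXAMPLEEXAMPLE01
SESSION_COOKIE_NAME=sid
"""

if __name__ == "__main__":
    env = parse_env(SAMPLE_ENV)
    secret, safe = classify(env)
    print("secret-like keys:", secret)   # DATABASE_URL, STRIPE_SECRET_KEY, AWS_ACCESS_KEY_ID
    print("safe keys:", safe)            # NODE_ENV, PORT, SESSION_COOKIE_NAME
    print(redacted_copy(env, secret), end="")
```

The DATABASE_URL entry is the case worth noting: its key name is harmless, so a name-only check would copy the embedded password along with it; the URL pattern catches it by value shape. Blanking rather than dropping flagged keys keeps the application's configuration surface visible in the new worktree while forcing the agent (or a human) to source each secret on purpose. The pattern lists are a starting point and should be extended for the vendors a given project actually uses.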
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 02:12 PM