workspace-init

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/run.py accepts a --workspace parameter that determines where template files are copied. The script resolves this path but never verifies that the resolved destination lies inside an authorized workspace root. If the agent is instructed to use a sensitive system path as the workspace directory, the template files are written there, which amounts to an arbitrary file write.
  • [SAFE]: No network activity was detected in the script or templates, adhering to the skill's metadata and minimizing data exfiltration risks.
  • [SAFE]: Dependencies are restricted to internal project modules, and no external package installations or remote code executions were found.
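The containment check the first finding says is missing, as an added example. This is not code from the workspace-init skill or from scripts/run.py; the function names, the `--allowed-root` option and the template layout are assumptions made for illustration. It shows the flagged pattern (resolve the path, never compare it against a root) next to a hardened version that resolves both paths, so symlinks and `..` segments are collapsed before the comparison, and that rejects prefix-only matches such as `workspaces-evil` against a root named `workspaces`.

```python
from __future__ import annotations

import argparse
import os
import shutil
import tempfile
from pathlib import Path


class UnsafeWorkspaceError(ValueError):
    """Raised when a requested workspace falls outside the allowed root."""


def resolve_workspace_unchecked(workspace: str) -> Path:
    # The pattern the audit flags: the path is resolved but never compared
    # against any root, so "../../etc" or a symlink is accepted as-is.
    return Path(workspace).expanduser().resolve()


def resolve_workspace(workspace: str | os.PathLike, allowed_root: str | os.PathLike) -> Path:
    """Resolve `workspace` and require it to be `allowed_root` or a descendant of it.

    Both sides are passed through resolve(), which follows symlinks and
    collapses "..", so a symlink inside the root that points outside it is
    rejected just like a literal traversal. Comparing against Path.parents
    (not a string prefix) avoids matching "/ws-evil" against a root "/ws".
    """
    root = Path(allowed_root).expanduser().resolve()
    target = Path(workspace).expanduser().resolve()
    if target != root and root not in target.parents:
        raise UnsafeWorkspaceError(f"workspace {target} is outside allowed root {root}")
    return target


def copy_templates(template_dir: str | os.PathLike, workspace: str | os.PathLike,
                   allowed_root: str | os.PathLike) -> list[Path]:
    """Copy every file under template_dir into the (validated) workspace."""
    templates = Path(template_dir)
    dest = resolve_workspace(workspace, allowed_root)  # raises before anything is written
    dest.mkdir(parents=True, exist_ok=True)
    copied = []
    for src in sorted(templates.rglob("*")):
        if src.is_file():
            out = dest / src.relative_to(templates)
            out.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(src, out)
            copied.append(out)
    return copied


def demo() -> dict:
    """Constructed scenario: one template tree, one allowed root, four candidate workspaces."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        templates = base / "templates"
        (templates / "src").mkdir(parents=True)
        (templates / "README.md").write_text("# new project\n")
        (templates / "src" / "main.py").write_text("print('hello')\n")
        root = base / "workspaces"
        root.mkdir()
        outside = base / "not-a-workspace"
        outside.mkdir()
        (root / "link").symlink_to(outside, target_is_directory=True)  # escapes via symlink

        results = {"inside": len(copy_templates(templates, root / "proj", root))}
        candidates = {
            "dotdot": root / ".." / "not-a-workspace",   # classic traversal
            "symlink": root / "link",                    # lexically inside, physically outside
            "prefix": base / "workspaces-evil",          # shares the root's name as a prefix
        }
        for name, candidate in candidates.items():
            try:
                copy_templates(templates, candidate, root)
                results[name] = "allowed"
            except UnsafeWorkspaceError:
                results[name] = "rejected"
        # The unchecked variant happily resolves the traversal to the outside directory.
        results["unchecked_dotdot_escapes"] = (
            resolve_workspace_unchecked(str(root / ".." / "not-a-workspace")) == outside.resolve()
        )
        return results


if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Copy templates into a workspace (hypothetical CLI)")
    parser.add_argument("--templates", required=True)
    parser.add_argument("--workspace", required=True)
    parser.add_argument("--allowed-root", required=True)
    args = parser.parse_args()
    for path in copy_templates(args.templates, args.workspace, args.allowed_root):
        print(path)
```

The check runs before the destination directory is created, so a rejected workspace leaves no trace on disk. Note that `resolve()` only protects against the state of the filesystem at the time of the call; if the agent can replace a validated directory with a symlink between the check and the copy, a TOCTOU window remains, which is why the allowed root should itself live somewhere the agent cannot rewrite.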
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 02:00 PM