dispatch-cli-agent
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill's primary purpose is to generate and execute complex shell commands to interface with external CLI agents. It explicitly instructs the user to run these commands in the background with `run_in_background: true`. While this is the intended functionality, it creates an execution environment where the AI agent is directing the local shell to launch other autonomous processes.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for interacting with multiple external CLI tools (Claude Code, Codex CLI, Gemini CLI, Copilot CLI). These tools, by their nature, communicate with remote AI services and may download updates or configurations. However, the references provided target well-known and trusted technology providers (Anthropic, OpenAI, Google, and GitHub), which aligns with the safety guidelines for trusted services.
- [PROMPT_INJECTION]: There is a potential for indirect prompt injection if the content of `.dispatch/` files, which are piped directly into external CLIs, contains malicious instructions. The skill attempts to mitigate this by recommending "Safe Defaults" such as `--allowedTools "Read,Glob,Grep"` and `--no-session-persistence` to limit the capabilities of the dispatched agents.
- [DATA_EXFILTRATION]: Since the skill orchestrates agents that can read files and make network requests (to their respective providers), there is a theoretical risk of data exposure. The skill's documentation encourages using read-only permissions and local file-based output to keep data flow inspectable within the `.dispatch/` directory.
Audit Metadata