The Agent Skills Directory

[SAFE]: No security issues detected. The skill's behavior is consistent with a software development assistant performing local file and version control operations.
[COMMAND_EXECUTION]: The skill uses local git commands including git add, git reset, git commit, and git rev-parse to manage implementation and documentation changes within the repository. These are standard tools for the developer persona and are used appropriately within the workflow.
[PROMPT_INJECTION]: The skill contains a surface area for indirect prompt injection as it ingests content from external project files and has the capability to write to the filesystem and commit code. Evidence Chain: 1. Ingestion points: Reads from 10-sprints/, 04-prd/, 07-tech-specs/, and features/ directories. 2. Boundary markers: Absent. 3. Capability inventory: File-write access to {SRC}/ and features/ directories, and execution of local git commands. 4. Sanitization: Absent. Despite the surface, no malicious instructions were detected, and the skill includes internal guidelines to follow security standards like avoiding OWASP vulnerabilities.

dev-swarm-code-development