Naruto Multi-Agent CN

The skill bundle itself is designed as a multi-agent dispatcher, explicitly forbidding the main agent from performing risky actions like `exec`, file I/O, or search (SKILL.md). However, it instructs the agent to take user input and pass it directly into the `task` parameter of `sessions_spawn` for delegation to sub-agents. This creates a significant prompt injection vulnerability, as a malicious user could craft harmful instructions that would then be executed by the downstream sub-agents, making it a risky capability without clear malicious intent within this skill.