Deep Coding
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is internally consistent with its stated purpose (a multi-agent development/orchestration harness); it asks for the capabilities it needs (file ops, spawning agents, running builds/tests) and includes a small local dashboard server, with explicit warnings about executing untrusted code.
This skill appears to be what it says: a local multi-agent development harness. Key risks to consider before installing:

1) The included server.py will serve files from the project directory — verify there are no API keys or secrets in your project before running the server, and run it bound to localhost only as instructed.
2) Builders/Reviewers are required to execute generated project code and run tests (including Playwright); for untrusted projects, run the system inside isolated VMs or containers.
3) The dashboard HTML pulls JS from public CDNs (Tailwind, Vue, markdown-it); if your environment restricts outbound network calls or you need a hardened supply chain, consider hosting those assets locally.
4) Only grant the platform the minimal agent/tool permissions needed and limit allowed agent IDs to trusted ones.

If you want a firmer assessment, provide the full, untruncated server.py content to verify the safe_path() implementation and confirm there are no hidden network callbacks or backdoors in the code.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
No visible risk-analysis findings were reported for this release.
