skills/bacoco/evolveskill/synapse/Gen Agent Trust Hub

synapse

Warn

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/modules/cortex_reader.py executes shell commands using subprocess.run to retrieve git logs. While the command is largely static, it demonstrates the capability to interact with the host system's CLI.
  • [DYNAMIC_EXECUTION]: The skill's primary function in scripts/auto_skill_generator.py and scripts/directive_generator.py involves generating new Python scripts and markdown files from templates and writing them directly to the .claude/skills/ directory. This automated code generation and file system modification poses a risk if the input data used for generation is manipulated.
  • [PROMPT_INJECTION]: The skill exhibits a significant surface for Indirect Prompt Injection (Category 8). It ingests untrusted data from *PRD*.md, TODO.md, and .cortex_log.md (which tracks all agent activities including potentially attacker-influenced errors or responses). Findings:
      1. Ingestion points: scripts/prd_analyzer.py (markdown files) and scripts/modules/cortex_reader.py (Cortex logs).
      2. Boundary markers: Absent in the parsing logic.
      3. Capability inventory: File writing (Write) and shell command execution (Bash).
      4. Sanitization: Absent; the skill uses regex to extract patterns and interpolates them directly into code templates.
  • [PERSISTENCE]: Documentation in references/INSTALLATION.md and references/MANUAL_USAGE.md provides instructions and scripts (scripts/synapse_auto_watch.sh) to establish persistent background execution via crontab entries and git post-commit hooks. This allows the skill to perform its analysis and code generation tasks autonomously across sessions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 17, 2026, 03:02 PM