skills/boshu2/agentops/forge/Gen Agent Trust Hub

forge

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses various local shell utilities including ls, grep, awk, bc, sed, cat, and printf to manage files, perform arithmetic, and process transcript data. It also relies on the ao CLI tool for core transcript mining and indexing operations.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: it ingests untrusted transcript data to generate knowledge files that are promoted to the agent's persistent memory in .agents/learnings/.
      • Ingestion points: Reads session transcripts via the ao forge transcript command or manual conversation history review (SKILL.md).
      • Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded commands within the processed transcripts.
      • Capability inventory: The skill can perform file writes, directory creation, and execute local shell commands to manipulate the agent's knowledge base (SKILL.md).
      • Sanitization: Absent; extracted content from transcripts is written directly to learning files without validation or filtering, potentially allowing malicious instructions to be stored as 'learnings'.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 18, 2026, 02:35 PM