skills/boshu2/agentops/provenance/Gen Agent Trust Hub

provenance

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed for internal administrative tasks, specifically managing knowledge artifact history within the .agents/ directory. It does not exhibit any signs of malicious intent, unauthorized data exfiltration, or persistence mechanisms.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute standard utilities such as grep, find, and basename, along with search tools ao and cass. These commands are used to process local metadata and do not involve remote code execution or suspicious network operations.
  • [PROMPT_INJECTION]: The skill processes content from local markdown files in .agents/learnings/ and .agents/patterns/. While this represents a surface for indirect prompt injection where malicious instructions could be embedded in an artifact, the risk is minimal as the skill focuses on metadata extraction for reporting. Ingestion points include the Read and Grep tools; boundary markers and sanitization are absent, but capabilities are restricted to local search and lineage documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 03:47 AM