The Agent Skills Directory

[SAFE]: The skill's behavior is entirely consistent with its documented purpose of documentation management. No malicious patterns, obfuscation, or unauthorized data exfiltration techniques were detected.\n- [DATA_EXFILTRATION]: The skill reads project-level markdown files such as CLAUDE.md and documents within the docs/ directory to identify content to migrate. This access is restricted to documentation, occurs entirely locally, and does not involve sensitive files like credentials or unauthorized network transmission.\n- [PROMPT_INJECTION]: Includes defensive instructions to ignore command arguments, which serves as a safeguard against user-provided injection attempts rather than a malicious override of agent safety systems.\n- [SAFE]: Regarding potential indirect prompt injection vulnerability surfaces: 1. Ingestion points: CLAUDE.md, docs/, and root .md files; 2. Boundary markers: The skill implements a multi-phase discovery and reporting structure with clear context separation; 3. Capability inventory: File system read and write operations; 4. Sanitization: While no automated content sanitization is described, the skill mandates explicit user approval for every individual migration step, maintaining a strong human-in-the-loop control that effectively mitigates the risk of executing hidden instructions.

kb-absorb