workflow-from-chats
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill analyzes local chat history to automate the creation of workflow documentation and agent rules. It includes explicit constraints to protect sensitive information such as local paths, secrets, customer data, and credentials.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) by processing untrusted historical chat data.
  1. Ingestion points: Recent Cursor chat transcripts (SKILL.md).
  2. Boundary markers: The instructions do not specify delimiters for transcript content.
  3. Capability inventory: The skill is empowered to create or edit files (skills, rules, workflow docs) on the local filesystem.
  4. Sanitization: The risk is mitigated by a structured extraction process that requires the agent to identify 'preference atoms', rate confidence, and 'Filter anecdotes that will not help future tasks', serving as a logic-based filter against malicious instructions embedded in the transcripts.
Audit Metadata