skills/davekilleen/dex/dex-whats-new/Gen Agent Trust Hub

dex-whats-new

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected. The skill performs legitimate automation and maintenance tasks related to system updates and usage analysis.
  • [EXTERNAL_DOWNLOADS]: Fetches Claude Code changelogs using web search from official Anthropic documentation and GitHub releases. These are well-known services and trusted sources required for core functionality.
  • [DATA_EXPOSURE]: Reads internal application files (e.g., System/Session_Learnings, Mistake_Patterns.md) to analyze usage trends. These resources are specific to the application's own context and used for the stated purpose of system improvement.
  • [PROMPT_INJECTION]: The skill ingests external changelog data, creating an indirect prompt injection surface. This is a common design pattern for update-checkers and is mitigated by user review and model guardrails.
      1. Ingestion points: WebSearch results (Step 2) and local learning files (Step 0).
      2. Boundary markers: Absent.
      3. Capability inventory: File write operations (Write tool), MCP tool calls (synthesize_changelog), and ability to implement suggested changes.
      4. Sanitization: Not explicitly implemented for retrieved changelog content.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 12:41 AM