The Agent Skills Directory

[SAFE]: No security issues detected. The skill performs legitimate workflow management tasks through localized file operations and internal state updates.
[COMMAND_EXECUTION]: The skill uses local shell commands to identify recent checkpoint files within the project's directory structure.
Evidence: ls -la plans/reports/memory-checkpoint-*.md | tail -5 used to list recent checkpoints.
Evidence: find plans -name "memory-checkpoint-*.md" -mmin -60 | head -5 used to search for checkpoints modified in the last hour.
[PROMPT_INJECTION]: The skill includes instructions to restore state from external checkpoint files, which constitutes a surface for Indirect Prompt Injection.
Ingestion points: Reads workflow metadata and todo lists from memory-checkpoint-*.md files located in the plans/ directory.
Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are used when the agent processes the contents of the restored checkpoint files.
Capability inventory: The skill is capable of executing shell commands for file discovery and using the TaskCreate tool to populate the agent's internal task list.
Sanitization: The instructions do not specify any validation or sanitization of the JSON metadata extracted from the checkpoint files before it is used to restore the session state.

recover