The Agent Skills Directory

[COMMAND_EXECUTION]: The skill requires the execution of a local script, scripts/abstract_engine.py, to perform deduplication and scoring tasks. This involves passing data extracted from knowledge bases or user input as command-line arguments to the script, which uses standard library functions to process and persist data to the file system.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted structural rules from local JSONL files (kb_path) or direct user input (seed_rule). These rules are then processed and re-instantiated into other domains without explicit boundary markers or sanitization procedures described in the prompt construction logic. This creates a surface where malicious instructions embedded in a knowledge base could influence the agent's abstraction or re-instantiation logic.
[DATA_EXPOSURE]: The skill reads from and writes to the local file system in the data/ directory, specifically managing knowledge base files in data/knowledge/base/ and session checkpoints in data/abstract/checkpoints/. While this is functional for the skill's purpose, it represents a data exposure surface for any content processed by the agent.

bdistill-abstract