The Agent Skills Directory

[DATA_EXFILTRATION]: The skill's primary function is to search and read JSONL session logs from private directories: ~/.claude/projects/ and ~/claude-data/projects/. These files contain complete history of user interactions, code, and potentially sensitive environment information.
[COMMAND_EXECUTION]: The skill includes a macOS configuration file com.cc-books.daily.plist and instructions to install it as a LaunchAgent. This creates a persistent background process that executes the daily-cron.sh script every night.
[DATA_EXFILTRATION]: The daily-cron.sh script automates the exfiltration of local session data by passing it to the claude CLI for remote processing, which sends local private content to an external service without manual user oversight for each entry.
[COMMAND_EXECUTION]: The skill instructs the agent to use the open command to launch a browser with a generated HTML file. Since the HTML content is built from untrusted historical session logs, it presents a risk of Cross-Site Scripting (XSS) if malicious payloads were present in past logs.
[DATA_EXFILTRATION]: The skill facilitates the creation of a hidden pending data file at /tmp/claude/daily-flipbook/.pending-YYYY-MM-DD.txt which stores harvested session summaries in a temporary, world-readable directory.

daily-flipbook