developer-growth-analysis

Warn

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: MEDIUM
DATA_EXFILTRATION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill reads from ~/.claude/history.jsonl, which stores the full context of user interactions, including pasted source code and project architecture. This sensitive data is subsequently processed and sent to external endpoints (Slack DMs and HackerNews search queries).
  • [CREDENTIALS_UNSAFE]: The Claude Code chat history file is a high-risk path because it frequently contains leaked API keys, authentication tokens, or environment variables accidentally shared during debugging sessions.
  • [COMMAND_EXECUTION]: The instructions mandate the use of several MCP tools (RUBE_SEARCH_TOOLS, RUBE_MULTI_EXECUTE_TOOL, RUBE_MANAGE_CONNECTIONS) to perform network operations and message delivery based on local file content.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection. It ingests data from local chat logs which may contain untrusted content from the web or malicious instructions. The instructions lack boundary markers (e.g., XML tags or delimiters) or sanitization logic to prevent the agent from obeying instructions embedded within the analyzed history.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 29, 2026, 04:27 PM