configure-agent-pr-attestation

Warn

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [PRIVILEGE_ESCALATION]: The instructions suggest using sudo to move the harness-scs binary to /usr/local/bin/, which requires administrative privileges to modify system directories.
  • [COMMAND_EXECUTION]: The skill generates a shell script at $CLAUDE_PROJECT_DIR/.claude/hooks/agent-pr-attestation.sh and modifies the agent's configuration (.claude/settings.json) to register a PostToolUse hook. This ensures the script executes automatically following tool invocations in the agent environment.
  • [DATA_EXFILTRATION]: The installed hook script is designed to collect session data, command transcripts, and tool outputs to generate attestations that are then uploaded to the Harness Evidence Vault (harness.io). This involves transmitting agent interaction data to an external vendor service.
  • [CREDENTIALS_UNSAFE]: The skill guides the user to input a Harness Personal Access Token (PAT) and stores it in plain text in ~/.harness/auth.json. While the skill applies restricted file permissions (chmod 600), the presence of sensitive credentials in a static configuration file is a known security consideration.
  • [COMMAND_EXECUTION]: The setup instructions include running task compile-harness-scs, which executes local build tasks to prepare the vendor's tooling.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Jun 15, 2026, 12:57 AM