woostack-ideate

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill includes a 'HARD-GATE' requirement that mandates user approval before any implementation actions, ensuring human oversight.
  • [SAFE]: The skill explicitly forbids writing files or invoking implementation skills autonomously, restricting its activity to the conversation.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill reads project-related files and commit history to provide relevant context. These operations are limited to the user's workspace and do not access sensitive system credentials or perform network exfiltration.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes project documentation and 'wisdom' rules from .woostack/wisdom/.md. While this ingests external content, the risk is negligible due to the skill's inability to execute code or write files.
    1. Ingestion points: Local project files, docs, commits, and .woostack/wisdom/.md (SKILL.md, Step 1).
    2. Boundary markers: None explicitly defined.
    3. Capability inventory: Limited to conversation and suggesting another visualization skill; no file-writing or shell execution.
    4. Sanitization: None described.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 17, 2026, 02:43 PM
Security Audit — agent-trust-hub — woostack-ideate