publish-to-confluence
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a simple Bash command (`date '+%Y-%m-%d %H:%M'`) to generate timestamps for vault metadata updates. This is a low-risk operation restricted to fetching the system time.
- [EXTERNAL_DOWNLOADS]: The skill interacts with external Confluence REST APIs via the WebFetch tool to fetch space metadata and upload content. These network operations are directed at the user's own configured Confluence instance and are preceded by an explicit approval request.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes untrusted markdown files from the user's vault.
- Ingestion points: Reads files from vault directories including `04-projects/`, `05-knowledge/`, and `01-daily/` (SKILL.md, Phase 1).
- Boundary markers: Implements a mandatory "Preview and Approval Gate" (Phase 4) which requires explicit user confirmation ("yes/no") before the content is sent to the API.
- Capability inventory: The agent can perform file system reads/writes, execute basic shell commands, and make network requests via WebFetch (SKILL.md, Phase 5).
- Sanitization: Content is transformed via a fixed XHTML conversion map (Phase 3), which reduces the risk of malicious payload execution, though it does not explicitly filter for natural language instruction overrides.