The Agent Skills Directory

[DATA_EXFILTRATION]: The skill accesses the sensitive directory ~/.claude/projects to retrieve session transcript files in .jsonl format. These files contain the full history of AI interactions, which typically include source code, project structure, and potentially credentials or environment variables discussed during the session.- [DATA_EXFILTRATION]: Automates the transmission of these sensitive transcripts to GitHub Gists. While this is the intended functionality for sharing, it facilitates the exfiltration of local session data to a remote service.- [COMMAND_EXECUTION]: Executes shell commands including find, sed, awk, and sort to programmatically identify the correct session file based on the current working directory.- [COMMAND_EXECUTION]: Relies on an external CLI tool claude-code-transcripts to process the session files and perform the upload operation.- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by reading and processing data from existing session transcripts.
Ingestion points: Reads session data from ~/.claude/projects/*.jsonl.
Boundary markers: Absent; untrusted session content is not delimited or isolated from the tool's logic.
Capability inventory: File system access, shell execution, and network upload via external CLI tools.
Sanitization: None detected; the transcript content is processed and uploaded as-is.

share-transcript