The Agent Skills Directory

[COMMAND_EXECUTION]: The skill performs shell operations using curl to send status notifications to a local endpoint (localhost:31337) and executes the ls command via Bun.spawnSync to discover template partials. These operations are restricted to local environment coordination and legitimate file management tasks.
[SAFE]: Operational history is recorded by appending JSON entries to ~/.claude/PAI/MEMORY/SKILLS/execution.jsonl. This logging mechanism is confined to the local filesystem for session tracking purposes and does not exfiltrate sensitive information.
[PROMPT_INJECTION]: The core functionality involves generating prompts by interpolating user-provided data into Handlebars templates, which creates an indirect prompt injection surface.
Ingestion points: Handlebars templates and YAML/JSON data files provided as input to the RenderTemplate.ts utility (e.g., Primitives/Briefing.hbs, Data/Agents.yaml).
Boundary markers: The skill relies on Markdown headers and structured formatting guidelines defined in the documentation to delimit instructions and data components.
Capability inventory: The environment supports file system access, subprocess execution (bun run), and local network operations via curl to localhost.
Sanitization: The rendering engine performs direct interpolation of data values into templates without automated escaping or sanitization, which is standard for meta-prompting and templating utilities.

Prompting