haah

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses an API key stored in ~/kyp/haah/haahconfig.yml to authenticate requests to api.haah.ing. It transmits natural language queries and receives responses from other users, which is the primary purpose of the communication service.
  • [PERSISTENCE_MECHANISMS]: The instructions prompt the agent to ask the user for permission to install a cron job (*/30 7-22 * * *) or modify HEARTBEAT.md to ensure the skill runs regularly. This is a legitimate requirement for a messaging/dispatch system.
  • [COMMAND_EXECUTION]: Uses standard shell utilities including curl for network requests and yq for parsing YAML configuration files.
  • [INDIRECT_PROMPT_INJECTION]:
    • Ingestion points: External natural language content is ingested via GET /dispatch and GET /inbox from the vendor API.
    • Boundary markers: None provided in the instructions to delimit external content from system instructions.
    • Capability inventory: The skill has access to the local file system (config) and shell execution (curl, yq).
    • Sanitization: No specific sanitization or validation of the remote text is mentioned before the agent reasons over it.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 06:01 PM