The Agent Skills Directory

[COMMAND_EXECUTION]: The skill performs extensive file system operations, including reading and writing to project files (AGENTS.md, CLAUDE.md) and configuration files (~/.claude/settings.json). These operations are used to manage instruction stubs and resolve plugin conflicts.
[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) by reading untrusted data from package.json (fields: name, description) and interpolating it into the AGENTS.md instruction file.
Ingestion points: package.json metadata.
Boundary markers: None identified for the interpolated placeholders {{PROJECT_NAME}} and {{PROJECT_DESCRIPTION}}.
Capability inventory: File system write access to instruction files and environment configuration.
Sanitization: No explicit sanitization of project metadata is mentioned before insertion into executable instructions.
[DATA_EXPOSURE]: The skill accesses local configuration files such as ~/.claude/settings.json and .hex-skills/environment_state.json to audit the agent environment and detect plugin conflicts. This access is localized and does not involve external transmission of data.

ln-014-agent-instructions-manager