The Agent Skills Directory

[SAFE]: The skill is an educational resource consisting of documentation, architectural playbooks, and illustrative pseudo-code snippets. It does not contain any executable malicious scripts or commands.
[PROMPT_INJECTION]: The skill explicitly identifies prompt injection and memory poisoning (MINJA-class attacks) as significant risks. It provides robust defensive guidelines, including the 'dual-LLM pattern' (where a quarantined LLM sanitizes retrieved content), strict boundary delimiters, and 'data-not-instructions' framing to prevent the agent from executing instructions stored in memory.
[DATA_EXFILTRATION]: The documentation treats persistent memory as a liability for data exposure (e.g., GDPR/HIPAA). It mandates mitigations such as data model TTLs (Time-To-Live) for volatile facts, redaction hooks, and architectural isolation between single-user and shared memory pools.
[EXTERNAL_DOWNLOADS]: The skill references reputable academic sources (arXiv) and well-known open-source agent frameworks (mem0, Letta, MemGPT). It does not initiate any automated software installations, script downloads, or unauthorized network requests.
[COMMAND_EXECUTION]: The TypeScript examples provided in the examples/ directory are purely illustrative logic for fact extraction, validation, and reflexion loops. They do not perform any privileged shell commands or unauthorized file system operations.

self-improving-systems