audit-discovery-symlinks

Warn

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill runs destructive shell commands (rm, rmdir and ln -s) against the user's home directory (~/.claude/) and project directories, so a logic error or a hostile input results in deleted or redirected files rather than a failed command.
  • [COMMAND_EXECUTION]: The logic that identifies and fixes symlinks iterates over space-delimited strings (for example, for skill in $MISSING_PROJECT_SKILLS; do ... done). An unquoted expansion is subject to word splitting and pathname globbing, so a filename or registry ID containing spaces or shell metacharacters is broken into several tokens and the loop acts on paths the author never intended.
  • [COMMAND_EXECUTION]: Data from the registry file (_registry.yml) and the local filesystem is consumed without validation or sanitization. A registry entry containing ../ sequences or shell metacharacters can therefore steer rm, rmdir or ln -s outside the intended directory (path traversal) or inject additional shell syntax into the commands the skill builds.
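The following is an added example written for this page; it is not code from the audited skill or from Gen Agent Trust Hub. It contrasts the word-splitting loop the second finding describes with a hardened routine that addresses the second and third findings together: registry IDs are read one per line rather than from a space-delimited string, each ID must be a single plain path component (so ../ entries, spaces, metacharacters and option-like names such as -rf are rejected), and every link target is resolved and checked to lie inside the skills directory before ln -s runs. The directory layout (<skills_dir>/<id> as the target, <project_dir>/<id> as the link) and the assumption that the registry has already been reduced to one ID per line are assumptions for the example, not details taken from the audit.

```shell
#!/bin/sh
# Added example, not the audited skill's own code. Assumed layout:
# <skills_dir>/<id> is the link target, <project_dir>/<id> is the link,
# and the registry has been reduced to one skill ID per line.
set -eu

# The pattern the audit flags: an unquoted expansion is word-split, so the
# entry "bad skill" becomes two loop iterations, "bad" and "skill".
iterate_unsafe() {
  n=0
  for skill in $1; do n=$((n + 1)); done
  echo "$n"
}

# Accept only a single, plain path component: no empty string, no '.' or
# '..', no '/', no leading '-' (rm/ln would parse it as an option) and no
# characters outside [A-Za-z0-9._-].
valid_skill_id() {
  case "$1" in
    '' | . | .. | */* | -* | *[!A-Za-z0-9._-]*) return 1 ;;
  esac
  return 0
}

# Return 0 if directory $2, after resolving symlinks and '..', lies
# strictly below directory $1.
path_within() {
  base=$(cd -- "$1" 2>/dev/null && pwd -P) || return 1
  real=$(cd -- "$2" 2>/dev/null && pwd -P) || return 1
  case "$real" in
    "$base"/*) return 0 ;;
  esac
  return 1
}

# Create <project_dir>/<id> -> <skills_dir>/<id> for each registry ID that
# passes validation, exists, and is contained in skills_dir.
# Prints the number of links created.
link_missing_skills() {
  registry=$1; skills_dir=$2; project_dir=$3
  created=0
  while IFS= read -r id || [ -n "$id" ]; do
    case "$id" in '' | '#'*) continue ;; esac          # blank or comment line
    if ! valid_skill_id "$id"; then
      printf 'skipping unsafe registry id: %s\n' "$id" >&2
      continue
    fi
    target="$skills_dir/$id"
    link="$project_dir/$id"
    [ -d "$target" ] || continue                       # nothing to link to
    path_within "$skills_dir" "$target" || continue    # traversal guard
    if [ -e "$link" ] || [ -L "$link" ]; then continue; fi
    ln -s -- "$target" "$link"                         # '--' ends option parsing
    created=$((created + 1))
  done < "$registry"
  echo "$created"
}

# Constructed demo: a temporary tree with two real skills, a directory
# outside skills_dir that a '../' entry would reach, and a registry mixing
# good and hostile IDs. Prints the number of links created.
demo() {
  tmp=$(mktemp -d)
  mkdir -p "$tmp/home/.claude/skills/good-skill" \
           "$tmp/home/.claude/skills/other" \
           "$tmp/home/.claude/secret" \
           "$tmp/project/.claude/skills"
  printf '%s\n' 'good-skill' '../secret' 'bad skill' '-rf' 'missing' 'other' \
    > "$tmp/registry.txt"
  link_missing_skills "$tmp/registry.txt" \
    "$tmp/home/.claude/skills" "$tmp/project/.claude/skills" 2>/dev/null
  rm -rf -- "$tmp"
}
```

Running demo creates links only for good-skill and other: ../secret, "bad skill" and -rf are rejected by valid_skill_id before any command touches the filesystem, and missing is skipped because its target does not exist. The containment check in path_within is a second line of defence behind the ID allowlist; it also rejects a skill directory that is itself a symlink pointing outside the skills directory, which may or may not be wanted for a given deployment.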
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 18, 2026, 07:13 AM