continue-here

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill generates a local shell script at ~/.claude/hooks/continue-here/read-continuation.sh and modifies ~/.claude/settings.json to execute this script automatically on session start. This creates a persistence mechanism within the agent's environment to maintain state across sessions.
  • [PROMPT_INJECTION]: The skill introduces an indirect prompt injection surface by instructing the agent to automatically ingest and act upon the contents of CONTINUE_HERE.md at the start of every session. If an attacker modifies this file in a shared repository, they could influence the agent's behavior in subsequent sessions.
    • Ingestion points: The CONTINUE_HERE.md file is read via a startup hook script and project-level CLAUDE.md instructions.
    • Boundary markers: The startup script performs JSON escaping for transport, and CLAUDE.md provides basic validation instructions (e.g., checking the file age), but no strict semantic delimiters are used to separate the file content from system instructions.
    • Capability inventory: The skill leverages Read, Write, Bash, Grep, and Glob tools.
    • Sanitization: No sanitization or filtering of the markdown content is performed before it is injected into the language model's context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 07:14 AM