The Agent Skills Directory

[PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by instructing the agent to read and process content from various project directories at the start of every session. * Ingestion points: SKILL.md (Steps 1-3) instructs the agent to read .learnings/LEARNINGS.md, .learnings/ERRORS.md, .learnings/FEATURE_REQUESTS.md, .evals/EVAL_INDEX.md, and files in .context-surfing/. * Boundary markers: Absent. The instructions do not define delimiters or provide warnings to ignore instructions embedded in the processed data. * Capability inventory: The agent is directed to read, extract, filter, and recommend actions based on the ingested content, including calling other skills like learning-aggregator. * Sanitization: Absent. No validation or filtering is applied to the data retrieved from the local files.
[COMMAND_EXECUTION]: The skill executes scripts/pre-flight.sh to identify and count learning signals. The script is limited to read-only operations using grep and find on specific project directories and does not involve network access or privilege escalation.

pre-flight-check