The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the execution of npx claude-recall setup --install, which modifies the local .claude/settings.json file to register automatic capture hooks. It also utilizes npx to manage skills via list, generate, and clean commands.
[EXTERNAL_DOWNLOADS]: The skill depends on an external Node.js package, claude-recall, executed via npx. This package is responsible for the underlying storage, retrieval, and skill generation logic.
[PROMPT_INJECTION]: The skill establishes a mechanism for indirect prompt injection. By directing the agent to 'ALWAYS load rules before acting' and 'ACT on loaded rules', any malicious content captured in the memory (e.g., from a processed file or crafted user input) can be converted into a persistent directive influencing future agent behavior.
Ingestion points: Conversation transcripts and user prompts are ingested via hooks (correction-detector, memory-stop, precompact-preserve) and manual tool calls (store_memory).
Boundary markers: There are no defined delimiters or instructions to ignore embedded commands within the stored memory content.
Capability inventory: Loaded rules are prioritized as the first action of every session and are instructed to inform filesystem exploration, code editing, and decision-making.
Sanitization: The skill does not describe any sanitization or validation of the text before it is stored or re-injected as a rule.
[COMMAND_EXECUTION]: The 'Skill Crystallization' feature dynamically writes new SKILL.md files to .claude/skills/auto-*/ based on accumulated conversation history. These files are automatically loaded as new skills by the platform, representing the dynamic generation of executable instructions from potentially untrusted data.

memory-management