The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes shell scripts to manage its configuration, log telemetry events locally to ~/.superstack/telemetry.jsonl, and check project status using git and solana CLI tools. These operations are aligned with the skill's purpose of project preparation and diagnostics.
[DATA_EXFILTRATION]: The skill transmits technical metadata (execution duration, platform architecture, and skill name) to an external endpoint via curl. The destination URL is retrieved from the user's local configuration file. This behavior is subject to user approval via an explicit opt-in prompt and excludes sensitive data such as source code or personal identifiers.
[PROMPT_INJECTION]: The skill ingests external project data from files like idea-context.md, build-context.md, and README.md. This creates a surface for indirect prompt injection where malicious instructions in those files could attempt to influence the agent's output.
Ingestion points: .superstack/idea-context.md, .superstack/build-context.md, and README.md (referenced in SKILL.md).
Boundary markers: None identified in the workflow instructions.
Capability inventory: Subprocess execution for telemetry and CLI tools in SKILL.md; file-writing to ~/.superstack/ directory.
Sanitization: No explicit sanitization or validation of the ingested markdown content is performed before processing.

submit-to-hackathon