self-improvement-2
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes local bash scripts (`activator.sh`, `error-detector.sh`, and `extract-skill.sh`) intended to be used as platform hooks or manual helpers. These scripts perform standard file system operations like creating directories and writing markdown files using `mkdir` and `cat`. They are designed to work within the local project environment and do not involve remote command execution or unauthorized access.
- [PROMPT_INJECTION]: The skill includes an automated error detection mechanism that processes tool outputs.
  - Ingestion points: The `error-detector.sh` script reads the `CLAUDE_TOOL_OUTPUT` environment variable provided by the agent platform.
  - Boundary markers: The scripts wrap their output in XML-style tags (e.g., `<error-detected>`) to distinguish injected reminders from user or agent content.
  - Capability inventory: The skill's primary capabilities include file system writes via `extract-skill.sh`.
  - Sanitization: The `error-detector.sh` script does not echo the external tool output; it only outputs a static string if a pattern match is found. Additionally, `extract-skill.sh` uses a strict regular expression (`^[a-z0-9]+(-[a-z0-9]+)*$`) to validate user-provided skill names, preventing command injection.
- [SAFE]: Extensive analysis of all 10 threat categories confirms the skill is safe for use. There is no evidence of obfuscation, hardcoded credentials, persistence mechanisms, or unauthorized network activity. The external references and tool integrations (Claude Code, Clawdbot) are legitimate and documented for the developer.
Audit Metadata