skills/sunic4/dev-skills/cc-kb/Gen Agent Trust Hub

cc-kb

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: All operations are restricted to the local file system within the wiki/knowledge/ workspace. The skill does not attempt to access sensitive system files, hardcode credentials, or establish external network connections.
  • [COMMAND_EXECUTION]: The skill uses the grep command to search for title keywords and perform deduplication of knowledge entries. This is a standard and benign use of local system tools for text processing.
  • [PROMPT_INJECTION]: The skill serves as a processing pipeline for untrusted data in the raw/ directory, which creates a surface for indirect prompt injection. Instructions embedded in raw entries could potentially be promoted to the formal knowledge base and followed by other agents.
      • Ingestion points: wiki/knowledge/raw/ directory (SKILL.md).
      • Boundary markers: Absent; the skill relies on standard markdown formatting rather than explicit instruction-isolation delimiters.
      • Capability inventory: Local file system read/write operations and grep command execution (SKILL.md).
      • Sanitization: Implements a quality check process (Q1-Q5) that validates entries for structure, rationale, and code examples before they are published.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 01:44 AM