The Agent Skills Directory

[DATA_EXFILTRATION]: The skill references author-controlled domains such as synapsync.dev and github.com/SynapSync for manifest schemas and project hosting. These external references are legitimate vendor resources used for functional verification and documentation.
[COMMAND_EXECUTION]: The skill uses the Bash tool for directory creation and maintenance. Security is maintained through strict input normalization (kebab-case) for all user-supplied names, preventing command injection and ensuring files are written to intended locations within the cognitives directory.
[PROMPT_INJECTION]: As a registration tool, the skill naturally ingests user-provided content (prompts, skills, workflows). It applies an evidence chain for indirect injection risks: Ingestion points: User-provided cognitive content in trigger messages. Boundary markers: No explicit markers are used for the content body, but metadata is delimited in JSON/YAML structures. Capability inventory: Uses Write and Bash to manage the registry filesystem. Sanitization: Enforces strict naming conventions, category allow-listing, and description length limits (100 characters), which protects the registry structure even if the content body is unvalidated.

cognitive-register