The Agent Skills Directory

[DATA_EXFILTRATION]: The skill's primary workflow involves bundling session history from ~/.claude/projects/ and uploading it to an external Cloudflare R2 bucket using aws s3 cp. This represents the intentional exfiltration of sensitive development logs, conversation history, and potential environment metadata.
[CREDENTIALS_UNSAFE]: The execution plan relies on the 1Password CLI (op) to retrieve credentials for the Cloudflare R2 upload, and the use of aws s3 presign to generate publicly accessible URLs for the uploaded data.
[COMMAND_EXECUTION]: The instructions direct the agent to execute multiple local shell scripts (scripts/bundle.sh, scripts/sanitize.sh) and system utilities including brotli, aws, op, and bun.
[PROMPT_INJECTION]: The skill contains a 'Self-Evolving Skill' section that explicitly commands the agent to 'fix this file immediately' and 'update this file' based on its execution experience. This instruction facilitates self-modification of the agent's own behavior and rules, which can be exploited to persist malicious logic or bypass future constraints.

share