gupp-propulsion

Warn

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: MEDIUM
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill explicitly uses instructions designed to override an LLM's default behavioral training (RLHF). It employs forceful framing such as "physics, not politeness" and "non-negotiable execution mandate" to bypass standard safety and interaction pauses, demanding immediate action without summarization or confirmation.
  • [COMMAND_EXECUTION]: The skill programmatically modifies environment configurations, specifically .claude/settings.json, to inject SessionStart hooks. This alters the agent runtime's behavior for future sessions to enforce GUPP rules autonomously.
  • [COMMAND_EXECUTION]: A watchdog mechanism facilitates session restarts via the Runtime HAL when an agent is unresponsive. In specific runtimes like Codex, the skill executes commands via tmux (gt prime) to inject context and rules into the agent session.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by interpolating data from external state files into agent nudges and escalation messages.
    - Ingestion points: state/hooks/{agentId}.json for bead and work item data
    - Boundary markers: Absent
    - Capability inventory: Session restarts via requestRestart, durable mail notifications via sendMail, and active nudges via sendNudge
    - Sanitization: The documented logic does not demonstrate validation or escaping of beadId or other hook metadata before its use in communication channels
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 08:34 PM
Security Audit — agent-trust-hub — gupp-propulsion