reunion

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill processes highly sensitive personal data, such as chat logs and private diaries, entirely locally. Analysis of the code (including core/chat_engine.py and core/memory_store.py) confirms there are no network operations to external servers for data exfiltration.
  • [SAFE]: Implements a robust psychological safety mechanism in core/safety_guard.py. It uses regex patterns to detect high-risk signals (self-harm or suicide ideation) in user input and triggers prioritized intervention messages with official help-line information.
  • [COMMAND_EXECUTION]: The skill automates the creation of new sub-skills in the ~/.claude/skills/ directory. While this involves writing executable instructions to a sensitive path, the behavior is core to the stated functionality (creating persistent digital companions) and includes a 'Summary and Preview' step (Step 4 in SKILL.md) that acts as a human-in-the-loop verification before any files are written.
  • [INDIRECT_PROMPT_INJECTION]: Since the skill ingests untrusted data from external chat logs to build a persona, it is theoretically susceptible to indirect prompt injection if those logs contain malicious instructions. However, the structured analysis prompts (prompts/persona_analyzer.md) and the final user confirmation step mitigate this risk. In accordance with guidelines, this vulnerability surface is documented with LOW severity and does not escalate the safe verdict.
  • [EXTERNAL_DOWNLOADS]: The skill depends on sentence-transformers for RAG functionality, which may download pre-trained models from Hugging Face. As Hugging Face is a well-known and trusted service for AI models, these downloads are considered safe and routine operations.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 6, 2026, 01:21 PM