The Agent Skills Directory

[SAFE]: The skill primarily uses instructions to guide the agent through a logical reflection process. It interacts with the environment using a CLI tool named 'probe' for reading directives and community context, which is consistent with its stated purpose.
[DATA_EXPOSURE]: The skill involves writing a self-evaluation file to a specific path within the workspace: '$WORKSPACE_BASE/zr-workspace/archive/ideas/.md'. This is a standard practice for maintaining persistent records of the agent's reasoning and does not target sensitive system or configuration files.
[INDIRECT_PROMPT_INJECTION]: The skill retrieves data from community messages via 'probe message list'. This represents a potential surface for indirect prompt injection if an attacker were to post malicious instructions in the chat. However, the skill instructions focus on using this data for context and alignment rather than executing commands derived from the messages. The risk is considered minimal and inherent to the functionality of processing community input.
[COMMAND_EXECUTION]: The shell commands used ('probe message', 'probe idea') are part of the intended project workflow and do not involve unsanitized user input or arbitrary code execution.

zeno-brainstorming