The Agent Skills Directory

[PROMPT_INJECTION]: The instructions in SKILL.md direct the agent to perform specific memory operations "SILENTLY" and to "never announce" them to the user. This encourages the agent to conceal background actions, which can be used to mask suspicious behavior.
[PROMPT_INJECTION]: The skill creates a significant indirect prompt injection surface. The agent is instructed to read from and update files like SESSION-STATE.md and MEMORY.md which store content from previous user interactions. Since these files are processed as active context in subsequent sessions without sanitization or boundary delimiters, malicious instructions embedded in previous chats could be reactivated and obeyed by the agent.

elite-longterm-memory