autonomous-agent-harness

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Configures official Anthropic MCP servers (@anthropic/memory-mcp-server, @anthropic/scheduled-tasks-mcp-server, and @anthropic/computer-use-mcp-server) using npx to provide the agent with memory, scheduling, and system control functions.
  • [COMMAND_EXECUTION]: Sets up persistent background tasks (crons) using the scheduled-tasks MCP and Claude Code's programmatic mode to enable continuous autonomous operation across sessions.
  • [PROMPT_INJECTION]: Exhibits an indirect prompt injection surface where external data influences agent behavior.
    • Ingestion points: Untrusted data is ingested from GitHub pull requests, notifications, emails, Slack messages, and Exa search results.
    • Boundary markers: The provided workflow prompts do not utilize delimiters (e.g. XML tags) to isolate untrusted data from instructions.
    • Capability inventory: The agent has access to the computer-use MCP (browser and desktop control) and the local shell via programmatic mode.
    • Sanitization: No validation or sanitization is performed on external content before it enters the agent's context.
    • Mitigation: Wrap external inputs in clear boundary markers and instruct the agent to ignore any embedded directives within that data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 07:14 PM