The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local git commands (log, diff, rev-list) using spawnSync to monitor project activity and summarize session changes. These commands are executed with structured arguments and are limited to the project directory.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it parses content from project-controlled files like CLAUDE.md, package.json, and README.md. If these files contain malicious instructions, they could be parsed and displayed to the agent during initialization or session start.
Ingestion points: commands/init.mjs and hooks/session-start.mjs read and parse documentation and metadata files from the project root.
Boundary markers: No specific delimiters or "ignore instructions" markers are applied to the ingested content before it is presented to the agent.
Capability inventory: The skill can perform file system writes to its internal storage directory and execute local git commands.
Sanitization: The skill does not perform sanitization or validation of the text content extracted from project files before processing it.

ck