continuous-learning-v2

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill observes and logs tool usage to local files for pattern analysis. To prevent the accidental exposure of sensitive information, hooks/observe.sh implements a secret scrubbing mechanism that uses regular expressions to redact common credential patterns (API keys, tokens, passwords, authorization headers) before data is persisted to the observations.jsonl file.
  • [SAFE]: A background observer agent analyzes session logs to detect recurring patterns. This agent is explicitly restricted to only the Read and Write tools and operates within project-scoped directories (~/.claude/homunculus/projects/), which prevents cross-project data leakage and limits the sub-agent's capabilities.
  • [SAFE]: The instinct-cli.py utility allows users to import instinct definitions from local files or remote URLs. Security is maintained through path validation in the _validate_file_path function, which blocks access to system directories (e.g., /etc, /proc, /usr) to prevent directory traversal attacks.
  • [SAFE]: The skill does not use any obfuscation, persistence mechanisms (like cron or shell profiles), or unauthorized privilege escalation. Subprocess calls are used appropriately for project detection via git and for invoking the claude CLI for analysis tasks without using dangerous shell=True configurations.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 11:54 PM