nano-memory

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The guidelines instruct the agent to use shell search utilities like grep, findstr, and Select-String with keyword placeholders. The use of these tools with untrusted user-supplied input without explicit sanitization steps presents a potential command injection surface.
  • [PROMPT_INJECTION]: The core memory architecture relies on reading historical data from the file system, which establishes an indirect prompt injection surface.
    1. Ingestion points: MEMORY.md and chronological daily logs in the memory/ folder.
    2. Boundary markers: No explicit delimiters or instructions are provided to the agent to treat retrieved memory as untrusted data.
    3. Capability inventory: Native file tools (read_file, write_file, edit_file) and shell-based search commands.
    4. Sanitization: No sanitization or validation protocols are defined for content retrieved from memory files before it enters the agent's context.
  • [SAFE]: The skill includes a dedicated 'Security & Privacy' section that explicitly directs the agent to never record sensitive information such as passwords, tokens, or financial data unless requested, reducing the risk of accidental data exposure.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 02:20 PM