The Agent Skills Directory

[SAFE]: The skill maintains a clear operational boundary, explicitly routing security audits, exploit reviews, and global build fixes to specialized external skills.
[SAFE]: Investigation progress is tracked locally using a JSON file in the .hypercore/bug-fix/ directory, which is a hidden path used for local persistence without external data exposure.
[PROMPT_INJECTION]: The skill processes untrusted input such as runtime error messages and user-provided reproduction steps, which constitutes a surface for indirect prompt injection.
Ingestion points: Error symptoms, log messages, and reproduction steps ingested during the input validation and diagnosis phases in SKILL.md and SKILL.ko.md.
Boundary markers: The instructions do not define delimiters or specific markers to isolate untrusted error log content from the agent's internal reasoning.
Capability inventory: The skill has access to powerful execution and modification tools including Bash, Edit, and Write.
Sanitization: No explicit verification or sanitization of ingested error data is mandated before the data is used to inform code changes.

bug-fix