standup
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses established Model Context Protocol (MCP) tools (mcp__goldfish__recall, mcp__goldfish__plan) to retrieve information. These are read-only operations within the agent's authorized context.
- [SAFE]: File system access is limited to reading project plan documents (docs/plans/*.md). No write operations or execution of these files are performed.
- [PROMPT_INJECTION]: The skill contains specific instructional guardrails (e.g., "Do NOT blindly trust the Status field", "Do NOT fabricate activity") which are defensive measures to ensure accuracy rather than malicious overrides.
- [DATA_EXPOSURE]: While the skill processes project memories and plans, it lacks any network capabilities (no curl, wget, or fetch calls), preventing the exfiltration of this data.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external sources (checkpoint memories and plan files). However, because the skill has no executable capabilities, any malicious instructions embedded in those files would fail to trigger side effects like command execution or data exfiltration.
Audit Metadata