The Agent Skills Directory

PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection as it relies on untrusted local files to interpret user commands. \n- Ingestion points: Data is ingested from CLAUDE.md, memory/glossary.md, and project/people profiles. \n- Boundary markers: Absent; the instructions do not define delimiters or warnings to ignore embedded instructions in the memory data. \n- Capability inventory: The interpreted context is used to determine communication targets and project details for subsequent actions. \n- Sanitization: Absent; the agent is instructed to 'always' decode shorthand based on these files without verification. \n- NO_CODE (SAFE): The skill consists entirely of markdown instructions and does not include any executable scripts, binaries, or package manifests.

memory-management