contacts

Warn

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: MEDIUM
Findings: CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/contacts_manager.rb accesses sensitive file paths for Google OAuth 2.0 authentication. It reads from ~/.claude/.google/client_secret.json and ~/.claude/.google/token.json. While these files are necessary for the skill's primary function of interacting with the Google People API, they contain sensitive access tokens and client secrets.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface, as it retrieves untrusted data from an external source (Google Contacts) and possesses write capabilities (create, update, and delete).
    Ingestion points: The list_contacts, get_contact, and search_contacts methods in scripts/contacts_manager.rb ingest data from the Google People API.
    Boundary markers: Data is output as structured JSON, but no specific delimiters or ignore instructions are applied to the text content of contact fields.
    Capability inventory: The script can create, update, and delete contacts via the People API.
    Sanitization: No sanitization or filtering of contact field content is performed before outputting data to the agent context.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 27, 2026, 03:38 PM