Gen Agent Trust Hub audit: skills/atilladeniz/kubeli/vet

Skill: vet

Audit result: Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install the 'verify-everything' package from PyPI using package managers such as pip, pipx, or uv. It also encourages fetching updates and model definitions from the 'imbue-ai/vet' GitHub repository and a remote model registry.
  • [COMMAND_EXECUTION]: The skill documentation describes executing the 'vet' CLI tool and various scripts to export session history. Specifically, 'export_opencode_session.py' uses the subprocess module to execute the 'opencode export' command. Additionally, the 'vet' command's '--history-loader' flag is used to execute shell commands to retrieve conversation data.
  • [DATA_EXFILTRATION]: The skill's primary function involves reading sensitive data, including local git diffs and conversation histories from agent harnesses like Claude Code ('/.claude/projects/'), Codex ('/.codex/sessions/'), and OpenCode. This data is then processed and likely sent to an external LLM provider for analysis, as indicated by the '--model' flag.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and analyzes untrusted data, such as git diffs and conversation history. These inputs could contain malicious instructions designed to subvert the code review process or influence the agent's behavior during analysis.
  • Ingestion points: Git diffs from the local repository and session history files stored in harness-specific directories ('/.claude/projects/', '/.codex/sessions/').
  • Boundary markers: No explicit boundary markers or 'ignore instructions' directives are used when processing the harvested history or diff data.
  • Capability inventory: The skill executes local scripts via the '--history-loader' flag and runs system commands using subprocess in 'export_opencode_session.py'.
  • Sanitization: The provided export scripts perform data transformation but do not show evidence of sanitizing the content against embedded instructions before it is passed to the analysis tool.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 11:27 PM