tiangong-wiki-skill

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various system commands through the child_process module for legitimate functionality.
    • Evidence: src/daemon/git-journal.ts uses spawnSync to manage a Git repository for journaling wiki changes.
    • Evidence: src/utils/process.ts uses spawn to open the local dashboard and vault files using platform-specific commands like open, xdg-open, and rundll32.exe.
  • [EXTERNAL_DOWNLOADS]: The skill downloads external resources as part of its core mission to extend agent capabilities.
    • Evidence: src/core/workspace-skills.ts utilizes npx to install parser skills from trusted sources like Anthropics and the author's own repository (tiangong-ai).
    • Evidence: src/core/synology.ts implements a client to download vault files from a user-configured Synology NAS.
  • [CREDENTIALS_UNSAFE]: The skill handles sensitive credentials (API keys, NAS passwords) using secure patterns.
    • Evidence: Credentials are required to be stored in .wiki.env files or environment variables, following standard secret management practices.
    • Evidence: src/commands/check-config.ts explicitly redacts API keys when outputting configuration status in JSON format.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection due to ingesting untrusted vault data, but implements mitigation strategies.
    • Evidence: src/core/workflow-context.ts provides a structured prompt for the agent that includes clear goal headers and instructions to follow a strict manifest contract for outputs.
    • Evidence: The skill separates raw data extraction from the knowledge synthesis layer and provides a quality gate using tiangong-wiki lint.
Audit Metadata
Risk Level: SAFE
Analyzed: May 10, 2026, 08:18 AM