prompt-reviewer

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
Flags: DATA_EXFILTRATION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: Accesses sensitive local conversational data for analysis.
      • The skill is designed to read and process user interaction history from several local paths: ~/.claude/projects/, ~/.codex/sessions/, and ~/.local/state/opencode/prompt-history.jsonl.
      • This data contains the full text of user prompts and AI responses, which are used to generate coaching scores and trend reports.
      • While the skill handles sensitive data, no evidence of network transmission or external exfiltration was found; scripts use only standard Python libraries without network capabilities (e.g., no requests, urllib, or socket).
  • [COMMAND_EXECUTION]: Executes local Python scripts to perform its core functions.
      • The workflow relies on executing several internal scripts: extract_sessions.py for data gathering, save_review.py for persistence, and purge_sessions.py for file management.
      • purge_sessions.py allows for the deletion of session files in the aforementioned sensitive directories. The skill instructions and script logic include safeguards such as requiring user confirmation and providing a --dry-run option to preview deletions.
  • [REMOTE_CODE_EXECUTION]: Detection of dynamic module loading in a utility script.
      • The script scripts/save_review.py utilizes __import__('sys') within a print statement to direct output to stderr.
      • While __import__ is a pattern often associated with obfuscation or dynamic execution, its use here is limited to accessing the standard library sys module for benign logging of a JSON parsing warning.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 08:11 PM