The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local shell commands during background checks and hooks.
Evidence: Executing node .claude/hooks/daily-plan-quick-ref.cjs as a Stop hook.
Evidence: Running qmd update && qmd embed to refresh the vault search index if the tool is present.
[DATA_EXFILTRATION]: The skill includes telemetry tracking that sends usage data to an external endpoint.
Evidence: The track_event tool is called at the end of the process to log meeting counts, task numbers, and priorities to an analytics service.
[EXTERNAL_DOWNLOADS]: The skill performs an automated check for updates, which typically involves a network request to a remote server.
Evidence: Calling check_for_updates(force=False) during the silent background check phase.
[PROMPT_INJECTION]: The skill has a significant surface area for indirect prompt injection by ingesting untrusted content from multiple external communication channels.
Ingestion points: Processes data from calendar event descriptions, Gmail threads, Microsoft Teams messages, and Apple Reminders via various MCP tools.
Boundary markers: The skill does not explicitly define delimiters or instructions to ignore embedded commands when synthesizing content from these external sources.
Capability inventory: The agent has the ability to write to the file system (creating plans and logs), execute shell commands (node, qmd), and modify task statuses and reminders.
Sanitization: There is no evidence of sanitization or filtering of the content retrieved from external communications before it is processed by the model for planning.

daily-plan