audit-public-rules
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with the local file system to read and modify specific configuration files such as AGENTS.md and CLAUDE.md. These operations are essential to its auditing function and are gated by a mandatory user approval workflow.
- [PROMPT_INJECTION]: The skill processes user-controlled markdown files, creating a potential surface for indirect prompt injection. This risk is effectively mitigated by the skill's design, which requires a human-in-the-loop review of all diagnosis results and explicit consent before any updates are applied.
  1. Ingestion points: instruction files (AGENTS.md, CLAUDE.md).
  2. Boundary markers: none.
  3. Capability inventory: file read/write access.
  4. Sanitization: none.