The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses git status, git diff --stat, git add, and git commit to manage repository state. These are standard development tools and are used within the expected context of a session-wrap utility.
[INDIRECT_PROMPT_INJECTION]: The skill identifies an attack surface by ingesting untrusted data from the repository (file contents and git diffs) to generate summaries and automation suggestions.
Ingestion points: Reads git diff output and project metadata files like CLAUDE.md and README.md (SKILL.md).
Boundary markers: None identified in the prompt templates.
Capability inventory: Executes shell commands (git) and modifies local files.
Sanitization: No explicit sanitization or escaping of file content before analysis is mentioned.
[DYNAMIC_EXECUTION]: The skill can generate drafts for new automation scripts or agent skills based on patterns detected during the session. This is classified as low risk because it generates 'drafts' (초안) and requires explicit user approval via a multi-choice question before any file system write or execution occurs.

my-session-wrap