update

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: MEDIUM
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions explicitly direct the agent to inject "Agent Override Directives" into the project's CLAUDE.md file. The stated intent is to "override Claude Code's built-in limitations," which is a documented pattern for attempting to bypass system safety constraints and operational guidelines.
  • [COMMAND_EXECUTION]: The workflow includes shell script snippets for resolving file paths using `readlink -f`. Executing shell commands on project-controlled structures (like symlinks) can be exploited if the agent does not validate the input.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes and modifies CLAUDE.md files, which are persistent instructions that influence agent behavior.
  • Ingestion points: Reads CLAUDE.md from the project directory and template files from the plugin root.
  • Boundary markers: Absent. The skill merges content without using delimiters or instructions to ignore embedded directives.
  • Capability inventory: Performs file reads, file writes, and shell execution (`readlink`).
  • Sanitization: Absent. Content from templates and existing project files is combined and written back without validation or filtering.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 15, 2026, 05:18 AM