The Agent Skills Directory

[DATA_EXFILTRATION]: The skill instructs the agent to read sensitive configuration paths such as .env, .properties, and application.yml to identify environment constraints and architecture conventions. This behavior allows access to potentially sensitive environment variables and configuration data.
[PROMPT_INJECTION]: The skill facilitates indirect prompt injection by ingesting untrusted data from the local codebase through Read and Grep operations. Evidence includes the ingestion of arbitrary code files without explicit boundary markers. While it includes a 'Fact Checker' self-verification checklist to validate findings, the capability to read external content remains an entry point for embedded instructions in the analyzed code.

context-detective