The Agent Skills Directory

[SAFE] (SAFE): The skill performs text transformation and local file operations within the repository. It lacks network access, external dependencies, or command execution capabilities.- [DATA_EXPOSURE] (LOW): The skill accesses session logs and project documentation to generate content. There is no evidence of hardcoded credentials or access to sensitive system directories.- [INDIRECT_PROMPT_INJECTION] (LOW): Detected an attack surface for indirect prompt injection. 1. Ingestion points: sessions/articles/YYYY-MM-DD.md. 2. Boundary markers: Not explicitly defined in instructions. 3. Capability inventory: The skill is limited to reading local logs and writing MDX drafts; it has no network, subprocess, or dynamic execution capabilities. 4. Sanitization: The style-and-structure.md provides content rules requiring the agent to ground every claim in the logs and mark uncertainty, providing a structural defense against hallucinated or injected instructions.

sessions-to-blog