caveman-compress

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/compress.py executes the claude CLI to perform compression as a fallback when no API key is provided in the environment.
    * Evidence: subprocess.run(["claude", "--print"], input=prompt, text=True, capture_output=True, check=True) in scripts/compress.py.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it reads untrusted text from user-provided files and interpolates it into an LLM prompt.
    * Ingestion points: scripts/compress.py reads the entire content of the user-targeted file (e.g., CLAUDE.md).
    * Boundary markers: The prompt template in scripts/compress.py uses a TEXT: header but lacks robust delimiters and gives the model no explicit instruction to ignore commands embedded in the input data.
    * Capability inventory: The orchestrator script can overwrite local files and execute external commands via subprocess.
    * Sanitization: No sanitization or filtering is applied to the file content before it is sent to the LLM for processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 20, 2026, 10:53 AM