The Agent Skills Directory

Data Exposure (LOW): The skill accesses ~/.claude-analytics/summary.json to read usage history. While this is sensitive metadata describing user activity, it is not exfiltrated or used for high-risk operations.
Indirect Prompt Injection (LOW): The script ingests data from local SKILL.md files (Ingestion: find and grep on local files; Boundaries: None; Capability: Bash utilities; Sanitization: Quoted variables). Malicious skill names could theoretically disrupt the regex check but cannot execute arbitrary code in the current implementation.

analytics-unused