The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The skill reads from ~/.claude/settings.json, which is a sensitive global configuration file. This file contains the agent's environment settings and information about enabled plugins.
[COMMAND_EXECUTION]: The skill has the capability to modify the agent's operating environment by updating ~/.claude/settings.json to disable plugins that are not from the vendor's marketplace. Although it includes a user confirmation step, the ability to programmatically alter agent settings and disable other software components constitutes a significant configuration management capability.
[PROMPT_INJECTION]: The skill implements an indirect prompt injection surface through its file generation logic.
Ingestion points: Project-specific data is ingested from package.json (specifically the name and description fields).
Boundary markers: None identified; the skill performs direct string replacement of templates placeholders like {{PROJECT_DESCRIPTION}} and {{PROJECT_NAME}}.
Capability inventory: The skill writes the interpolated content directly to the project's root as AGENTS.md and CLAUDE.md, which the agent then treats as its primary instructions.
Sanitization: No sanitization or validation of the input strings from package.json is performed before they are written to the instruction files.

ln-014-agent-instructions-manager