The Agent Skills Directory

SAFE (SAFE): No malicious code, obfuscation, or persistence mechanisms were detected. The skill consists solely of markdown instructions for a local CLI tool.\n- Data Exposure (SAFE): The skill documentation mentions accessing ~/.gemini/settings.json and ~/.gemini/history/. These paths are internal to the application the skill manages and do not involve unauthorized access to sensitive system files like SSH keys or cloud credentials. No network tools are enabled to facilitate exfiltration.\n- Indirect Prompt Injection (LOW): The skill provides a surface for indirect injection by delegating lookups to an external documentation skill.\n
Ingestion points: Documentation is queried and ingested from the gemini-cli-docs skill (SKILL.md).\n
Boundary markers: Strong instructional boundaries are present, including mandatory directives to base responses exclusively on the official documentation loaded.\n
Capability inventory: The skill's capabilities are restricted to Read, Glob, Grep, and Skill. No shell execution, system modification, or network tools are permitted.\n
Sanitization: No automated sanitization of external documentation is described beyond the requirement for the agent to follow strict instructions.

gemini-checkpoint-management