mem-recall
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the `@mindfoldhq/trellis` package globally via npm. This is a vendor-owned package belonging to the skill's author and is used to provide the underlying recall functionality.
- [DATA_EXFILTRATION]: The skill accesses sensitive local directories to read AI conversation history, including `~/.claude`, `~/.codex`, and `~/.local/share/opencode`. This data access is necessary for the skill's primary purpose of recalling past sessions, and the skill instructions explicitly state that data is processed locally and not uploaded.
- [COMMAND_EXECUTION]: The agent is instructed to execute various `trellis mem` CLI commands (such as `search`, `context`, and `projects`) to interact with the local conversation storage.
- [PROMPT_INJECTION]: The skill facilitates an indirect prompt injection surface by retrieving content from past conversations and interpolating it into the current agent's context. While this is the intended functionality, it means that malicious instructions stored in historical logs could potentially influence the agent's behavior when recalled.
Audit Metadata