The Agent Skills Directory

[SAFE]: The skill instructions define a purely conversational workflow intended to help users stress-test technical ideas. It does not include commands for remote code execution, network exfiltration, or unauthorized file access.- [DATA_EXFILTRATION]: The skill records a summary of the thinking session to a local file at .claude/thinking/<idea-slug>.md. This is a benign operation for managing project-related notes and does not target sensitive system locations or credentials.- [PROMPT_INJECTION]: Evaluation of Indirect Prompt Injection risk: Ingestion points: Technical ideas and problem descriptions provided by the user in SKILL.md. Boundary markers: Not explicitly defined. Capability inventory: File-write operation to local markdown files in SKILL.md. Sanitization: None explicitly required as the agent is instructed to synthesize a summary rather than execute code based on the input. The risk is minimal as the generated content is purely descriptive markdown.

think-through