iterating
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No security issues detected during the audit of the skill instructions and reference materials.
- Environment Detection: The skill employs standard system checks (ls, command -v, osascript) to identify the host platform (Web, Desktop, or CLI). These operations are benign and used solely for routing logic.
- File Persistence: Operations are restricted to the local project directory and standard platform mounts (/mnt/project/, /mnt/user-data/). There are no attempts to access sensitive system paths, credentials, or network resources.
- Human-in-the-Loop Controls: The skill explicitly mandates a 'STOP' pattern after every incremental work step, requiring user acknowledgment before proceeding. This design significantly mitigates risks associated with automated malicious loops.
- Indirect Prompt Injection (LOW): The skill possesses a surface for indirect prompt injection as it ingests 'Work Log' data from files or user input. However, this is inherent to the skill's primary purpose of state management. The risk is minimized by the use of structured YAML frontmatter and the requirement for manual user continuation between parsing and execution steps.
Audit Metadata