database-expert

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The prompt includes a "Memory Protocol" that explicitly instructs the agent to run a shell command to read an internal file (.claude/context/memory/learnings.md) and to record internal memory, which is an instruction to access/exfiltrate agent-internal data unrelated to the database-expert's stated purpose, so it's a prompt injection.