incident-runbook-templates
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements a 'Memory Protocol' that instructs the agent to read from and write to shared files in the .claude/context/memory/ directory. This creates a surface for indirect prompt injection where instructions stored in those files could influence agent behavior.
  - Ingestion points: The agent is directed to read .claude/context/memory/learnings.md as specified in SKILL.md.
  - Boundary markers: No specific markers or delimiters are used to separate untrusted memory content from instructions.
  - Capability inventory: The skill has access to Bash, Read, and Write tools as defined in the YAML frontmatter.
  - Sanitization: No input validation or sanitization is performed on the memory file content.
- [COMMAND_EXECUTION]: The runbook templates in SKILL.md contain various operational bash commands including kubectl for Kubernetes cluster management, curl for health checks and API interactions, and psql for database administration. These commands are provided as part of the documentation templates for incident response.
Audit Metadata