ogt-cli-claude

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill installs the @anthropic-ai/claude-code package via npm. This is a legitimate external dependency required for the skill's primary function of providing access to Claude Code. While the npm scope @anthropic-ai is not on the specific trusted list, it is the official source for the tool.
  • COMMAND_EXECUTION (LOW): The skill executes the claude binary to perform its tasks. The documentation also references a local script run-claude-task.cjs which is not provided for analysis, and highlights the --dangerously-skip-permissions flag which bypasses user confirmations for file edits.
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from the local filesystem or stdin.
      • Ingestion points: Processes file content through commands like claude -p < myfile.py and directory monitoring via the --add-dir option.
      • Boundary markers: No specific boundary markers or 'ignore' instructions are defined in the provided markdown to isolate untrusted file content from instructions.
      • Capability inventory: The claude CLI has broad capabilities including file system read/write, network access for model interaction, and autonomous file editing.
      • Sanitization: No sanitization or validation of the ingested file content is mentioned before it is processed by the AI model.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:30 PM