honcho-integration

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Findings: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill contains logic to read project files (codebase exploration) and migration routines to upload local memory and history files (MEMORY.md, HISTORY.md, and session transcripts) to the Honcho cloud service. This behavior is the stated core purpose of the skill for memory synchronization. Evidence: Found in references/bot-frameworks/nanobot/session.py (functions migrate_local_history, migrate_memory_files) and SKILL.md (Phase 1 exploration).
  • [PROMPT_INJECTION]: The skill recommends integration patterns (e.g., Pattern B in SKILL.md and nanobot/honcho_tool.py) that interpolate untrusted data fetched from the Honcho memory service directly into system prompts. This creates an indirect prompt injection surface if the stored memory contains malicious instructions designed to influence the agent.
  • Ingestion points: Data enters via peer.chat() or session.context() responses from the Honcho API.
  • Boundary markers: Absent from the recommended prompt templates (e.g., build_system_prompt in SKILL.md), which lack delimiters or instructions to ignore commands within the context.
  • Capability inventory: The skill uses Write, Glob, Grep, and Bash (via uv, bun, npm) to modify the codebase and manage the project environment.
  • Sanitization: No sanitization or validation logic is provided in the integration examples to handle the external content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 01:40 PM