extract-skill-from-conversation

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill orchestrates data processing through several bash scripts that execute system commands including jq, ls, find, and the fabric CLI tool for automation and topic inference.
  • [DATA_EXFILTRATION]: The skill reads Claude Code conversation logs from the user's local projects directory (~/.claude/projects/). This data is piped to the fabric tool, which sends the content to configured external LLM providers for processing.
  • [EXTERNAL_DOWNLOADS]: Documentation and scripts recommend installing the fabric CLI tool from its official repository. This is a well-known tool and is documented neutrally as a safe external dependency.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because its primary function is to process and summarize untrusted data from past conversations.
      • Ingestion points: Conversation logs are read from the local file system by scripts/parse_conversation.sh.
      • Boundary markers: The extraction pipeline lacks delimiters or safety instructions to prevent the AI from following malicious instructions contained in the analyzed text.
      • Capability inventory: The skill possesses file system access and the ability to execute subprocesses.
      • Sanitization: No sanitization of the extracted conversation text is performed before it is passed to the AI patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 04:54 PM