The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to generate and execute comprehensive bash scripts to manage file synchronization, permissions (chmod 600), and Git operations. This includes a 'One-time actions' system that executes arbitrary shell commands provided in a configuration file.
[DATA_EXFILTRATION]: Configuration files, which are noted to potentially contain sensitive data such as API keys and shell profiles, are synchronized to iCloud Drive.
[PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing instructions and manifests from external, user-controllable files.
Ingestion points: The agent reads the synchronization manifest and 'One-time actions' list from a README.md and git-repos.yaml file located in the iCloud sync folder.
Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when reading these external files.
Capability inventory: The skill leverages bash execution capabilities to perform file system writes, network-based Git operations (push/pull), and execution of arbitrary script blocks.
Sanitization: The skill does not define validation or sanitization routines for the content of the manifests or the bash commands found in the 'One-time actions' section before they are executed.

synthesis-mac-sync