The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute shell commands for log analysis.
Evidence: The instructions guide the agent to construct commands like cat ~/.claude/logs/sessions-2026-02-{01..23}.jsonl and use jq to parse the results.
Risk: The skill relies on the agent to correctly parse user intent for dates and session IDs. If these values are not properly sanitized before being interpolated into shell commands, it could lead to command injection.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes data from logs that contain previous user-controlled input.
Ingestion points: The skill reads from prompts-*.jsonl and tool-usage-*.jsonl inside the ~/.claude/logs/ directory.
Boundary markers: Absent. There are no delimiters or instructions provided to ensure the agent ignores instructions that might be embedded within the log entries.
Capability inventory: The skill is authorized to use the Bash tool to perform file system operations and data processing.
Sanitization: No sanitization, escaping, or validation logic is present to filter malicious instructions contained within the processed log data.

stats