roast-my-product

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell scripts in 'Preamble' and 'Telemetry' sections to manage application state. These scripts read from and write to ~/.superstack/config.json and log events to ~/.superstack/telemetry.jsonl.
  • [DATA_EXFILTRATION]: Usage data, including skill name, phase, and platform metadata (operating system and architecture), is sent to a remote endpoint via curl. This process is transparently disclosed to the user through an initial consent prompt and utilizes a destination URL stored in the user's local configuration file.
  • [PROMPT_INJECTION]: The workflow incorporates data from external files, specifically .superstack/idea-context.md and .superstack/build-context.md. These serve as ingestion points for untrusted data. While there are no explicit boundary markers or sanitization processes mentioned to prevent instructions within these files from influencing the agent, the capability is used for product context gathering and is consistent with the skill's primary purpose.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 14, 2026, 03:15 PM