claude-code-expert

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides installation instructions for the official @anthropic-ai/claude-code package from npm, which is a well-known and trusted package from Anthropic.
  • [COMMAND_EXECUTION]: The skill facilitates and describes the use of a powerful CLI tool that possesses capabilities for shell command execution (Bash), file system manipulation (Read/Write), and project management (Git). It provides configuration examples for 'hooks' that execute arbitrary shell commands, such as PowerShell scripts for audio feedback or logging actions to the file system. It also documents the use of the --dangerously-skip-permissions flag, which allows for autonomous operation without user confirmation.
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by instructing the agent to treat local project files as authoritative sources of context and rules. If an attacker can modify these files, they could influence the agent's behavior.
      • Ingestion points: Local configuration and context files including CLAUDE.md, MEMORY.md, and project-specific memory files.
      • Boundary markers: Absent; the agent is instructed to load and follow these files at the start of every session without specific constraints to ignore embedded instructions.
      • Capability inventory: The agent has access to highly privileged tools including shell execution (Bash), file reading and writing (Read, Write), and the ability to orchestrate background sub-agents (Task).
      • Sanitization: No sanitization or validation of the content within these contextual files is described or implemented.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 05:35 PM