dig

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard system commands to gather environment information, such as date for timestamps and ls with basename to identify project directories within the user's home directory (~/.claude/projects/).
  • [COMMAND_EXECUTION]: The Python script dig.py attempts to run ghq list -p to map project paths to repository names. This is a common developer tool for managing local repositories and is used here for decorative naming purposes.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: While the skill reads session data (which may contain user prompts and summaries), it does so locally and explicitly states it does not write logs or send data externally. The analysis of the Python script confirms it only outputs the gathered data to the standard output (screen) in JSON format for the agent to render.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from past session logs. However, it treats this data as informational strings for a table/timeline and does not use the content to dynamically construct new commands or bypass safety filters. The risk is minimized as the output is presented directly to the user.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 17, 2026, 05:45 AM