The Agent Skills Directory

[COMMAND_EXECUTION]: The skill invokes standard system utilities including stat for permission auditing, chmod for enforcing secure file modes (e.g., 600), openssl for high-entropy token generation, and cp for configuration backups. These commands are integral to the skill's defensive and diagnostic functions.
[DATA_EXFILTRATION]: The skill accesses the sensitive file ~/.clawdbot/clawdbot.json, which contains authentication tokens and secrets. This access is required for the skill's primary purpose of security auditing; the data is processed locally to provide a report and is not transmitted to external servers.
[PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface by ingesting data from a local JSON configuration file.
Ingestion points: Reads content from ~/.clawdbot/clawdbot.json as defined in SKILL.md.
Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used for the ingested data.
Capability inventory: The skill has access to shell command execution tools (stat, chmod, openssl, cp).
Sanitization: No explicit sanitization or strict schema validation of the JSON values is performed before reporting.

dont-hack-me