timeline-report

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE · COMMAND_EXECUTION · DATA_EXFILTRATION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple bash commands to identify the project environment and fetch data.
      • Uses git rev-parse to detect worktrees and resolve parent project paths.
      • Uses curl to fetch the complete project timeline from a local worker service at http://localhost:37777/api/context/inject.
      • Executes sqlite3 ~/.claude-mem/claude-mem.db to run analytical queries on the project's memory database.
  • [DATA_EXFILTRATION]: The skill accesses a sensitive local database path containing the project's persistent memory.
      • Sensitive Path: Accesses ~/.claude-mem/claude-mem.db, which stores observations, code snippets, and development history.
      • The data is processed locally by the agent to generate a report, but users should be aware that all historical data recorded by claude-mem is exposed to the analysis agent.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the project timeline data.
      • Ingestion points: The full timeline fetched via curl and database query results are injected directly into the subagent's prompt ([TIMELINE CONTENT GOES HERE]).
      • Boundary markers: The skill lacks robust boundary markers or 'ignore' instructions to prevent the agent from obeying malicious instructions that might be embedded within the recorded project observations.
      • Capability inventory: The subagent has the capability to write files to the local file system (./journey-into-PROJECT_NAME.md) and execute SQL queries.
      • Sanitization: No evidence of sanitization or filtering of the timeline content before it is passed to the analysis agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 09:43 PM