universal-learner
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with the local file system by updating a SQLite database (elements.db) and creating markdown reports and JSON backups in the extracted_results directory. These actions are restricted to managing the skill's own data and are necessary for its stated goal of building a knowledge library.
- [SAFE]: The skill processes untrusted data in the form of user-provided prompts (Indirect Prompt Injection surface). (1) Ingestion points: User text input and extracted_modules.json. (2) Boundary markers: No specific delimiters or safety instructions are defined for the input strings. (3) Capability inventory: The agent can write to local files (DB, JSON, MD) but has no network or shell execution capabilities. (4) Sanitization: The skill implements quality-based filtering (word count and vague term detection) to ensure the integrity of the extracted elements. The risk is assessed as safe given the lack of high-privilege tool access.