clawteam-dev

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs recursive directory deletion (rm -rf) on subdirectories within the ~/.clawteam/ directory to reset environment state. It also manages system processes and git state using tmux kill-session and git worktree remove --force.
  • [DATA_EXFILTRATION]: The skill enumerates local directories, git branches, and worktrees using git worktree list, git branch, and ls ~/.clawteam/. While no external network exfiltration was detected, the skill accesses and verifies tool-specific data structures on the local file system.
  • [PROMPT_INJECTION]: The skill ingests and displays messages from external agents via clawteam task wait and clawteam inbox receive. This presents an indirect prompt injection surface where malicious output from a worker agent could attempt to influence the supervisor agent. Remediation: Wrap external agent content in explicit delimiters (e.g., XML tags) and include instructions for the supervisor to ignore any embedded commands or directives within those markers.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 01:00 AM