The Agent Skills Directory

[Indirect Prompt Injection] (MEDIUM): The skill parses untrusted content from CHANGELOG.md and coordination logs using the parseChangelog and aggregateDecisions functions. Since this data is presented back to the agent to help it 'understand rationale,' malicious text in the history could influence the agent's future behavior or reasoning.
[Command Execution] (LOW): The skill executes local Node.js scripts (e.g., hooks/bin/decision-history.mjs) to perform its tasks. This is standard behavior for CLI-based skills but assumes the project's internal hooks directory is secure and not tampered with.

decision-history