Janitor

The `SKILL.md` file contains instructions that create a significant prompt injection vulnerability. Specifically, the agent is instructed to check `TOOLS.md` for 'API keys and configs' and to 'Verify all agent skill configs', directly prompting it to interact with files likely containing sensitive credentials. While the stated purpose is 'accuracy' or 'verification', this primes the agent to read and process sensitive data, making it susceptible to further prompt injection to exfiltrate or misuse this information. Additionally, the 'Don't touch SOUL.md, USER.md, or IDENTITY.md without explicit permission' instruction highlights other sensitive targets the agent could access if prompted.