Project Context Sync

The skill `project-context-sync` is designed to auto-update a `PROJECT_STATE.md` file in a Git repository after each commit. It achieves this by installing a `post-commit` Git hook. The skill can optionally use a local Clawdbot AI gateway to generate smart summaries, which involves reading the `CLAWDBOT_TOKEN` from `~/.clawdbot/clawdbot.json` and making a `curl` request to `http://localhost:$GATEWAY_PORT`. While accessing a credential file (`~/.clawdbot/clawdbot.json`) is a sensitive operation, it is explicitly documented in `SKILL.md` and `README.md`, and the token is used solely for local communication with the Clawdbot gateway, aligning with the skill's stated purpose. There is no evidence of data exfiltration to external endpoints, malicious execution, or prompt injection attempts against the agent.