fix: harden agent instruction surfaces

skills/autonomous-agent-harness/SKILL.md

@@ -8,6 +8,12 @@ origin: ECC
 
 Turn Claude Code into a persistent, self-directing agent system using only native features and MCP servers.
 
+## Consent and Safety Boundaries
+
+Autonomous operation must be explicitly requested and scoped by the user. Do not create schedules, dispatch remote agents, write persistent memory, use computer control, post externally, modify third-party resources, or act on private communications unless the user has approved that capability and the target workspace for the current setup.
+
+Prefer dry-run plans and local queue files before enabling recurring or event-driven actions. Keep credentials, private workspace exports, personal datasets, and account-specific automations out of reusable ECC artifacts.
+
 ## When to Activate
 
 - User wants an agent that runs continuously or on a schedule

skills/defi-amm-security/SKILL.md

@@ -20,6 +20,12 @@ Critical vulnerability patterns and hardened implementations for Solidity AMM co
 
 Use this as a checklist-plus-pattern library. Review every user entrypoint against the categories below and prefer the hardened examples over hand-rolled variants.
 
+## Execution Safety
+
+The shell commands in this skill are local audit examples. Run them only in a trusted checkout or disposable sandbox, and do not splice untrusted contract names, paths, RPC URLs, private keys, or user-supplied flags into shell commands. Ask before installing tools or running long fuzzing/static-analysis jobs that may consume significant local or paid resources.
+
+Never include secrets, private keys, seed phrases, API tokens, or mainnet signing credentials in command examples, logs, or reports.
+
 ## Examples
 
 ### Reentrancy: enforce CEI order