The Agent Skills Directory

PROMPT_INJECTION (HIGH): The skill defines a persona with extensive write and execute capabilities (CI/CD setup, cloud infrastructure configuration, API development) while specifically tasked with handling untrusted external data (file uploads, API contracts, user requests). * Ingestion points: SKILL.md identifies inputs such as "file uploads", "API contracts", and "system-level architecture" requirements. * Boundary markers: Absent. There are no explicit instructions for the agent to use delimiters or ignore embedded instructions when processing these untrusted data sources. * Capability inventory: SKILL.md claims authority to execute side-effect operations including "Setting up CI/CD pipelines", "Managing containerization", and "Configuring cloud infrastructure". * Sanitization: Absent. While "input validation" is mentioned as a best practice for the code produced by the skill, there are no instructions for the agent to sanitize the inputs it receives to prevent its own instructions from being overridden.

fullstack-developer