prompt-build

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, DATA_EXPOSURE, INDIRECT_PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script, search_prompts.py, using python3. It interpolates user-controlled values such as SUBJECT and MODEL directly into the shell command string. When a command is assembled as a string and run through a shell, any shell metacharacter in those values (`;`, `|`, `$(...)`, backticks) becomes command syntax, so this is a command-injection pattern unless the values are either passed as separate argv entries without a shell or strictly quoted and validated before interpolation.
  • [DATA_EXPOSURE]: The skill reads {PROMPT_ENGINE_DIR}/references/model-guide.md from the local file system and executes scripts within the {PROMPT_ENGINE_DIR} directory. These are intended as internal resources, but every path the workflow touches is derived from an environment-defined variable; if that variable (or a path component appended to it) can be influenced, file reads and script execution move to whatever location it points at. The practical check is that each resolved path stays inside the intended directory.
  • [INDIRECT_PROMPT_INJECTION]: The workflow searches a database of over 2,500 prompts and presents matches to the user as references. If the database content originates from untrusted sources, retrieved entries can carry instructions aimed at the agent rather than the user, influencing the agent's behavior during prompt construction. Retrieved prompts should be handled as data to be shown or quoted, not as instructions to be followed.
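The following is an added example, not code from the audited skill or from Gen Agent Trust Hub, illustrating the first two findings above: how shell-string interpolation of SUBJECT and MODEL lets a metacharacter payload run as a command, how passing the same values as argv entries neutralizes it, and how a path derived from PROMPT_ENGINE_DIR can be confined to that directory. The script `search_prompts.py` is stood in for by a hypothetical one-line stub that prints its own argv, so the behaviour is observable offline; the allowlist pattern and directory names are assumptions, not values from the skill.

```python
import re
import shlex
import subprocess
import sys
from pathlib import Path
from typing import Optional

# Hypothetical stand-in for search_prompts.py: prints the arguments it received.
# Constructed for this example so that each invocation style can be compared.
SEARCH_STUB = 'import sys; print("ARGV=" + repr(sys.argv[1:]))'


def vulnerable_invoke(subject: str, model: str) -> str:
    """The flagged pattern: values interpolated into a string that a shell parses."""
    # Only the fixed parts are quoted; SUBJECT and MODEL go in verbatim.
    cmd = f"{shlex.quote(sys.executable)} -c {shlex.quote(SEARCH_STUB)} {subject} {model}"
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return proc.stdout


def safe_invoke(subject: str, model: str) -> str:
    """Values travel as separate argv entries; no shell ever interprets them."""
    argv = [sys.executable, "-c", SEARCH_STUB, subject, model]
    proc = subprocess.run(argv, capture_output=True, text=True)
    return proc.stdout


# Assumed allowlist for the two slots: letters, digits, space and a few
# punctuation marks. Anything a shell could treat as syntax is rejected.
SLOT_RE = re.compile(r"[A-Za-z0-9 _.,:/-]{1,200}")


def slot_is_clean(value: str) -> bool:
    """Defence in depth for the case where a shell string cannot be avoided."""
    return SLOT_RE.fullmatch(value) is not None


def confine(base_dir: str, relative: str) -> Optional[Path]:
    """Resolve base_dir/relative and refuse anything that escapes base_dir.

    Mirrors the DATA_EXPOSURE check: a path built from an environment-defined
    root must still land inside that root after symlinks and '..' are resolved.
    """
    base = Path(base_dir).resolve()
    target = (base / relative).resolve()
    if target != base and base not in target.parents:
        return None
    return target


if __name__ == "__main__":
    payload = "foo; echo INJECTED"          # constructed SUBJECT value
    print("shell string :", vulnerable_invoke(payload, "gpt-4").strip())
    print("argv list    :", safe_invoke(payload, "gpt-4").strip())
    print("allowlist    :", slot_is_clean(payload), slot_is_clean("network security"))
    print("confine ok   :", confine("/opt/prompt-engine", "references/model-guide.md"))
    print("confine bad  :", confine("/opt/prompt-engine", "../../etc/passwd"))
```

Run stand-alone, the shell-string variant prints the stub's argv as `['foo']` followed by the output of the injected `echo`, while the argv variant hands the stub the whole payload as a single argument. The allowlist is a fallback only; the durable fix is the argv form, because `shlex.quote` on every slot is easy to forget on the next edit.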
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 09:13 PM