The Agent Skills Directory

[PROMPT_INJECTION]: The skill facilitates the processing of untrusted external data, creating an attack surface for indirect prompt injection. * Ingestion points: The instructions in SKILL.md direct the agent to read '.claude/product-marketing-context.md' before acting, and the framework in references/reverse-engineering.md describes a process for analyzing large datasets of scraped social media posts. * Boundary markers: The skill does not define clear delimiters or specific instructions to ignore malicious prompts that might be embedded within the marketing context or scraped social media data. * Capability inventory: While the skill itself does not contain executable scripts, it leverages the agent's ability to read files and generate content, which could be subverted by injected instructions. * Sanitization: There is no mention of sanitizing, escaping, or validating the content retrieved from external sources before it is processed by the agent.

social-content