knowledge-intake

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external content from URLs and documents (PDF, DOCX, etc.), creating a potential surface for indirect prompt injection.
  • Ingestion points: External resources retrieved via WebFetch or document-conversion tools.
  • Boundary markers: The skill explicitly requires wrapping content in external content boundary markers.
  • Capability inventory: File system writes to docs/knowledge-corpus/, command execution via gh api and uv run python, and network operations via WebFetch.
  • Sanitization: Implements automated 'slop detection' and prompt injection sanitization hooks before content is stored or promoted.
  • [COMMAND_EXECUTION]: Automates tasks using the GitHub CLI (gh api graphql) to publish knowledge to Discussions and local Python scripts (uv run python scripts/intake_cli.py). These commands are functionally integrated and include user-facing confirmation steps (e.g., '[Y/n]') before execution.
  • [DATA_EXFILTRATION]: Performs network operations to fetch external resources and publish summaries to GitHub. These actions are transparently documented as core features of the knowledge intake and promotion workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 03:36 PM