NYC

ui-ux-pro-max

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The script presents a surface for indirect prompt injection in its processing of external UI/UX data.
      • Ingestion points: Data enters the agent context via search results and design system recommendations generated from external configuration files (CSV_CONFIG).
      • Boundary markers: The format_output function lacks explicit delimiters (like XML tags) or clear warnings for the agent to distinguish between its own instructions and the retrieved data.
      • Capability inventory: The script can write files to the local file system through the generate_design_system function when the --persist and --output-dir flags are used.
      • Sanitization: Result content is truncated to 300 characters, but there is no filtering for malicious instructional patterns or path validation for output directories in the provided search.py file.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:29 PM