goosetown-researcher-stackoverflow

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes data from Stack Overflow, an untrusted external source. If a searched post contains malicious instructions, they could potentially influence the agent when it reads the synthesized report.
      • Ingestion points: SKILL.md (via curl requests to api.stackexchange.com).
      • Boundary markers: The skill uses markdown headers and blockquotes but lacks specific delimiters or instructions to ignore embedded commands in fetched content.
      • Capability inventory: Subprocess execution of curl, jq, and python3; file system writes to the RESEARCH/ directory.
      • Sanitization: No security sanitization is performed on the ingested content beyond HTML entity decoding for display.
  • [COMMAND_EXECUTION]: The skill relies on local shell commands (curl, jq, and python3) to interact with the API and process data. While these are standard tools, they are used to handle external data.
  • [EXTERNAL_DOWNLOADS]: The skill fetches data from the Stack Exchange API (api.stackexchange.com), which is a well-known and expected service for the skill's stated purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 12:35 AM