MinimalistVisualDesign

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill has a significant attack surface for indirect injection because it is designed to turn arbitrary user-provided content into executable HTML files.
      • Ingestion points: User-provided text is ingested in phases/01_content_analysis.md and passed through the entire workflow to phases/04_page_implementation.md and phases/05_consolidation.md.
      • Boundary markers: Absent. No instructions or delimiters are provided to help the agent distinguish user data from its own design instructions.
      • Capability inventory: The skill performs file-write operations to create multiple .html files in the output/ directory, including a consolidated file with active JavaScript navigation logic.
      • Sanitization: Absent. The agent is not instructed to sanitize or escape user-provided content. Malicious scripts embedded in the 'content' could be included verbatim in final_presentation.html, leading to XSS when a user opens the resulting file.
  • [External Downloads] (LOW): The skill references external assets from cdn.tailwindcss.com and cdn.jsdelivr.net (RemixIcon). These are standard frontend dependencies, but they make the output reliant on third-party infrastructure. The installation instructions in README.md also point to an untrusted GitHub repository (Cedaric/minimalist-visual-design-skill), which should be verified before use.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 06:36 AM