graphic-designer

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses directive language and markers to override standard agent conversational flows and safety explanations. Evidence: The 'CRITICAL: Auto-start on load' section instructs the agent to skip summaries and explanations and start execution immediately upon triggering.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of untrusted data from local files. Ingestion points: The agent reads the most recent post file and 'about-me.md' from the project. Boundary markers: No delimiters or protective instructions are used to separate the ingested data from the agent's instructions. Capability inventory: The skill can save HTML files to the disk and generate instructions for other AI models (image prompts). Sanitization: No sanitization or escaping is performed on the data extracted from the post files before it is used in code or prompts.
  • [COMMAND_EXECUTION]: The skill performs file system operations by generating and saving HTML files based on content from external files. Evidence: Path A explicitly instructs the agent to 'Save the HTML file' with distilled content. This dynamic generation of script-capable files from untrusted input could lead to Cross-Site Scripting (XSS) or other malicious execution if the post content contains encoded scripts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 28, 2026, 07:05 PM