structured-logging

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill implements standard logging practices using trusted libraries like structlog and starlette. It specifically mandates that no sensitive data (passwords, tokens, API keys) should be logged.
  • [PROMPT_INJECTION]: The skill processes untrusted data such as agent task descriptions and error messages within its logging patterns, which represents a potential surface for indirect prompt injection. This is addressed through standard structured logging and field truncation.
    • Ingestion points: The execute_agent function in SKILL.md processes the task and exc (exception) variables for logging.
    • Boundary markers: Untrusted data is stored in specific JSON fields (task, error), providing structural separation, though no explicit delimiters are used within those fields.
    • Capability inventory: The skill defines logging mechanisms; it does not invoke high-privilege capabilities (network, shell, file-write) based on the contents of the logs.
    • Sanitization: The skill includes logic to truncate the task string to the first 100 characters, reducing the payload size of untrusted input.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 02:27 AM