ui-ux-pro-max

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (MEDIUM): The script facilitates the ingestion of external data that could contain malicious instructions designed to influence the agent's behavior.
      • Ingestion points: The script accepts a query via CLI and retrieves data from local storage/data files via core.search and core.search_stack (referenced in scripts/search.py).
      • Boundary markers: Absent. Search results are interpolated directly into Markdown headers (### Result i) and list items without delimiters or 'ignore' instructions.
      • Capability inventory: While this script primarily performs read/display operations, the formatted output is explicitly intended for 'Claude consumption', meaning its output directly influences the agent's reasoning and subsequent tool calls.
      • Sanitization: The script performs character truncation (300 chars) but lacks any sanitization to prevent embedded instructions in the search results from being executed by the agent.
  • Unverifiable Dependencies (LOW): The script imports from core.py and design_system.py. These files are not provided in the source, meaning the actual search implementation and data source handling cannot be fully audited for safety (e.g., file system access or network calls).
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 06:10 AM