2026-legal-research-agent
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process unstructured legal text from external web sources, which creates a potential surface for indirect prompt injection.
  - Ingestion points: External state legislature and court websites scraped via Firecrawl (referenced in SKILL.md and references/url-patterns-by-state.md).
  - Boundary markers: None identified; the agent is not explicitly instructed to ignore scraped text or to treat it as data rather than instructions.
  - Capability inventory: The skill includes local file system read/write operations and script execution capabilities (via validate-scraped-data.ts) for data validation and management.
  - Sanitization: While the provided validation script checks for structural integrity such as URL format and content length, it does not sanitize or filter the extracted text content for malicious prompts.
- [EXTERNAL_DOWNLOADS]: The skill references official state government domains (.gov) and well-known legal repositories as authoritative data sources. These references are documented neutrally as they target trusted, official entities for legal research and do not involve the execution of untrusted remote code.
- [COMMAND_EXECUTION]: The skill utilizes local scripts for data processing and validation tasks. The included script (scripts/validate-scraped-data.ts) is limited to standard file system operations to read and validate JSON data files within the local project directory and does not execute arbitrary shell commands.
Audit Metadata