The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes untrusted user-provided document content.
Ingestion points: The agent reads and processes markdown documents provided in the user context.
Boundary markers: The skill does not define specific delimiters or instructions to prevent the agent from following directives potentially embedded within the documents.
Capability inventory: The skill allows the agent to modify and edit document text based on the content it reads.
Sanitization: While the skill specifies rules for the output format of hash anchors, it lacks explicit sanitization or filtering for the input text to mitigate instruction injection.

doc-add-simple-hash