The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill processes untrusted external data such as meeting transcripts and Google Drive documents, creating an attack surface for indirect prompt injection.\n- Ingestion points: Data enters the agent via the google_drive_fetch and conversation_search tools, as well as via user-provided local file paths for an Obsidian vault as described in SKILL.md and commands/pm.memory.md.\n- Boundary markers: Absent; the instructions do not implement explicit delimiters or system-level warnings to isolate untrusted data from the core operating instructions.\n- Capability inventory: The skill can search, fetch, and update/write markdown files using agent tools and vault access.\n- Sanitization: Absent; there is no logic defined for the validation or sanitization of ingested content before it is processed into reports.

project-status-report