The Agent Skills Directory

Prompt Injection (LOW): Indirect Prompt Injection Surface. The skill provides patterns for handling untrusted data from forms and content updates. 1. Ingestion points: Untrusted data enters via the $inquiry (form submissions) and $topics (content updates) variables in SKILL.md and references/integrations.md. 2. Boundary markers: Absent. Examples do not show the use of delimiters to separate data from instructions in downstream API calls or notifications. 3. Capability inventory: The skill utilizes capabilities including api_request (network), slack_send, send_mail, and write_file (file system). 4. Sanitization: While some examples use |strip_tags or |escapeCSV, these provide formatting rather than robust security-focused sanitization against malicious instructions embedded in user-supplied text.

kuroco-webhook-processing