The Agent Skills Directory

[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by interpolating user-provided arguments directly into its instructions.\n- Ingestion points: User input is ingested via the $ARGUMENTS placeholder in SKILL.md.\n- Boundary markers: The skill lacks delimiters or explicit instructions to the agent to treat input as data rather than instructions.\n- Capability inventory: No direct command execution is present in this file; capabilities are restricted to text generation via a sub-agent.\n- Sanitization: There is no evidence of input validation or sanitization for the $ARGUMENTS variable.

write-as-me