The Agent Skills Directory

[PROMPT_INJECTION]: The skill documentation includes recipes for components like RemotePDFView and MapView that process data from external sources (URLs and annotations). This represents a potential surface for indirect prompt injection where malicious instructions embedded in the fetched content could attempt to influence the agent's behavior. 1. Ingestion points: The RemotePDFView component in references/representable-recipes.md fetches data from an external URL using URLSession. 2. Boundary markers: The provided code templates do not include explicit markers or instructions to delimit or ignore content within the fetched data. 3. Capability inventory: The skill demonstrates network data retrieval (URLSession) and UI rendering of rich text and PDF content. 4. Sanitization: No content validation or sanitization logic is demonstrated for the retrieved data.
[EXTERNAL_DOWNLOADS]: The skill includes code snippets that demonstrate fetching content from remote URLs, such as loading a PDF from a placeholder URL (example.com). This is a standard implementation of networking functionality for the described use cases.

swiftui-uikit-interop