hrv-alexithymia-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill presents a surface for indirect prompt injection because it allows the ingestion of untrusted web data alongside high-privilege execution tools.
  - Ingestion points: External data enters the agent context via 'WebFetch' and 'mcp__firecrawl__firecrawl_search' tools.
  - Boundary markers: Absent; no instructions or delimiters are provided to the agent to distinguish between its core logic and potentially malicious instructions embedded in fetched web content.
  - Capability inventory: The agent is granted 'Bash' (shell execution), 'Write', and 'Edit' capabilities, which could be exploited if an external source contains a successful prompt injection.
  - Sanitization: Absent; there is no logic provided to escape or validate external inputs before they are processed or used in shell commands.
Audit Metadata