liaison
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Indirect Prompt Injection surface. The skill is designed to ingest and summarize git commit messages and TODO comments from the codebase, which could contain adversarial instructions.
  - Ingestion points: Git history and source code grep results.
  - Boundary markers: Absent. There are no explicit instructions to the agent to distinguish between its primary goals and instructions found within the data it reads.
  - Capability inventory: Uses Bash, Grep, and Read tools to inspect the local filesystem and build state.
  - Sanitization: None. The agent does not validate or sanitize external text before including it in the summary context.
Audit Metadata