The Agent Skills Directory

[Prompt Injection] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests external content to fulfill its purpose. Ingestion points: Data enters the agent via the WebSearch and Read tools. Boundary markers: Absent; there are no instructions provided to the agent to distinguish between internal instructions and potentially malicious data embedded in web search results. Capability inventory: The toolset is limited to information gathering (Read, Glob, Grep, WebSearch) and internal task management (Task); no tools for arbitrary shell execution, persistent file writing, or network exfiltration are present. Sanitization: No sanitization or filtering of external content is specified.
[Data Exposure] (SAFE): No hardcoded credentials or sensitive file paths were detected in the skill configuration.
[Remote Code Execution] (SAFE): No patterns for remote code downloads or execution were found.

national-expungement-expert