NYC

project-management-guru-adhd

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill incorporates tools for searching and fetching web content, which exposes the agent to indirect prompt injection from external sources.
      • Ingestion points: Web data is accessed via 'mcp__firecrawl__firecrawl_search' and 'WebFetch' in the SKILL.md definition.
      • Boundary markers: The instructions do not define clear boundaries or 'ignore' directives for content retrieved from these tools.
      • Capability inventory: The agent is permitted to use file system tools ('Write', 'Edit', 'TodoWrite'), creating a potential path for data manipulation if untrusted content contains malicious instructions.
      • Sanitization: There is no evidence of sanitization or validation for data retrieved from external sources before being processed by the LLM.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:53 PM