faion-project-manager

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Indirect Prompt Injection (SAFE): The skill includes functionality for cross-tool data migration and reporting, which involves ingesting data from external APIs (Jira, GitLab, Linear). This represents a potential surface for indirect prompt injection.
      • Ingestion points: Data enters through the MigrationEngine in cross-tool-migration/README.md and the reporting script in reporting-dashboards/README.md.
      • Boundary markers: The templates do not currently define explicit boundary markers or 'ignore embedded instructions' warnings for external data fields like issue summaries or descriptions.
      • Capability inventory: The agent has access to file system modification tools (Write, Edit, TodoWrite) and network-capable tool templates.
      • Sanitization: The provided Python templates perform basic field mapping but do not include explicit sanitization logic for ingested strings. This is a common design pattern for migration tools and does not constitute a malicious finding.
  • Unverifiable Dependencies (SAFE): The documentation mentions standard industry packages like pandas and requests in its integration examples. These are used for legitimate project management automation and reporting purposes.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:14 PM