The Agent Skills Directory

[PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by ingesting and processing untrusted SQL queries for analysis.
Ingestion points: SQL query strings provided by users or external systems as described in SKILL.md.
Boundary markers: The protocol lacks instructions to encapsulate input queries or warn the agent against executing instructions found within the data.
Capability inventory: The agent is directed to write analysis results to files in the 'docs/database-report/' directory.
Sanitization: No input validation or sanitization of the SQL queries is defined before the data is processed or written to report files.

query-budget-enforcer