The Agent Skills Directory

[PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it processes untrusted data from an external codebase and has the capability to modify files and execute tools. ● Ingestion points: The skill instructs subagents to read relevant files from the codebase (SKILL.md). ● Boundary markers: None specified; the instructions do not define clear delimiters to prevent the agent from following instructions embedded in the code being read. ● Capability inventory: The skill utilizes subagents for file system modification and general tool usage. ● Sanitization: No sanitization or validation of external file content is mentioned.

minimalist-surgical-development