The Agent Skills Directory

[SAFE]: The skill provides legitimate architectural patterns for e-commerce recommendations.
[SAFE]: Third-party tools recommended (LimeSpot, YITH, Frequently Bought Together) are established and reputable within their respective platform ecosystems.
[SAFE]: Custom implementation code follows secure coding practices, such as using ORM-like abstractions for database access and static SQL for batch processing, which minimizes risks of injection.
[PROMPT_INJECTION]: Potential Indirect Prompt Injection Surface. The personalization logic processes product metadata (tags, categories) which may be sourced from untrusted inputs. While the current implementation uses this data for mathematical vectorization (which is safe), developers should be aware that if these strings are subsequently used in LLM-generated content (e.g., personalized emails or descriptions), they should be properly sanitized to prevent indirect injection attacks. * Ingestion points: Product tags and category names are fetched from the database in lib/recommendations.ts. * Boundary markers: Absent in the code snippets; data is processed as raw strings for vectorization. * Capability inventory: Database read operations (db.products.findMany) and Redis caching (redis.setex). * Sanitization: No sanitization of product metadata is performed before processing or caching.

personalization-engine