langchain-architecture

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS
Full Analysis
  • External Downloads (LOW): The documentation in references/harness_and_memory.md references an external GitHub repository (https://github.com/DiTo97/deepagents-backends) for S3 backend support. This repository is not within the defined trusted organizations list. While it is a documentation reference rather than an automated execution script, users should verify the source before integrating this extension.
  • Indirect Prompt Injection Surface (LOW): The skill describes patterns for agents with high-privilege capabilities such as code execution (run_tests), filesystem modifications (write_file), and deployment (git_push, deploy_code). These agents ingest untrusted data from RAG sources and MCP tools as described in references/advanced_retrieval_and_rag.md and references/mcp_and_tooling.md.
      ◦ Ingestion points: Retrieval agents using FAISS and remote tools via MCPClient.
      ◦ Boundary markers: The skill recommends "Context Hygiene" and structured reasoning, though specific delimiter examples (e.g., XML tags) are not explicitly shown in the code snippets.
      ◦ Capability inventory: Extensive filesystem, shell execution, and cloud storage capabilities are documented across the framework.
      ◦ Sanitization: The skill mitigates risks by explicitly documenting and recommending GuardrailMiddleware (for PII/sentiment) and FilesystemMiddleware (for sandboxing) as shown in references/guardrails_and_validation.md.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:48 PM