The Agent Skills Directory

[SAFE]: No malicious activity or security risks were identified in the skill's logic. The script scripts/build_digest.py performs deterministic data processing and uses standard, safe libraries like json and yaml.safe_load for configuration.
[PROMPT_INJECTION]: Analysis of the indirect prompt injection surface: 1) Ingestion points: The skill reads user-provided task data (titles and notes) from local JSON files or via the Model Context Protocol (MCP) in scripts/build_digest.py. 2) Boundary markers: No delimiters or explicit 'ignore embedded instructions' warnings are present in the output markdown. 3) Capability inventory: The skill is limited to reading files and printing text to stdout; it has no network access or system-modifying capabilities. 4) Sanitization: Input data is interpolated directly into the markdown report without sanitization. The risk is assessed as safe/low due to the lack of dangerous capabilities and the skill's specific reporting purpose.

things-digest-generator