self-regulation-scaffold-generator
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interpolates user-provided data, such as task_description and student_profiles, directly into the AI prompt template.
  - Ingestion points: Untrusted data enters the context through several YAML-defined input fields in SKILL.md.
  - Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the user input.
  - Capability inventory: The skill has no access to external tools, file system writes, or network operations.
  - Sanitization: There is no evidence of input validation or escaping for the interpolated content.
- [SAFE]: The student_profiles input field is designed to process individual student data. While this creates a data ingestion surface, the lack of network or file-writing capabilities prevents data exfiltration or unauthorized exposure.
- [NO_CODE]: The skill does not include any scripts, binaries, or dependencies. All logic is contained within the natural language prompt and metadata, ensuring no capability for system-level compromise or unauthorized code execution.
Audit Metadata