fs-street
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The script 'scripts/fetch_blog.py' performs a network request to 'https://fs.blog/feed/' to retrieve RSS data. While this is the intended purpose of the skill, the domain is not on the trusted whitelist.
- PROMPT_INJECTION (INFO): The skill ingests untrusted data from an external RSS feed, creating a surface for indirect prompt injection (Category 8).
  1. Ingestion points: 'scripts/fetch_blog.py' fetches content from an external RSS URL.
  2. Boundary markers: The skill does not use delimiters or instructions to help the agent distinguish between its own logic and instructions that might be embedded in the articles.
  3. Capability inventory: The skill is limited to information retrieval and display; it lacks high-privilege capabilities such as file modification, arbitrary command execution, or making secondary network requests based on fetched data.
  4. Sanitization: No sanitization is performed on the ingested content beyond basic character replacement for HTML entities.
Audit Metadata