The Agent Skills Directory

[PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill facilitates the creation of LLM-as-a-judge evaluators that interpolate untrusted data (user queries, AI responses, and retrieved context) directly into prompts for analysis. * Ingestion points: Untrusted data is ingested from production traces and spans as documented in 'references/observe-tracing-setup.md' and 'references/error-analysis.md'. * Boundary markers: The documentation recommends using XML tags (e.g., {{output}}) to delineate variables within evaluation templates, as shown in 'references/evaluators-custom-templates.md'. * Capability inventory: The skill uses LLM calls via providers like OpenAI, Anthropic, and Google to execute evaluations. * Sanitization: No explicit sanitization or filtering of interpolated content is demonstrated beyond the recommendation of XML boundary markers.

phoenix-evals