The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the gws CLI tool (a resource from the vendor googleworkspace) to automate various support tasks such as triaging emails and updating status tracking sheets.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and acts upon content from external customer emails. 1. Ingestion points: Reads external data from emails via the gws gmail +triage command in SKILL.md. 2. Boundary markers: There are no specific delimiters or instructions provided to the agent to distinguish between the skill's instructions and instructions that may be contained within the email bodies. 3. Capability inventory: The skill has the capability to perform actions such as sending emails, updating spreadsheets, and modifying calendar events via the gws toolset (SKILL.md). 4. Sanitization: No input validation, filtering, or sanitization of the ingested email content is specified.

persona-customer-support