web-quality-audit

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted HTML content.
      • Ingestion points: HTML files and directories provided by the user for analysis in SKILL.md and through the scripts/analyze.sh script.
      • Boundary markers: Absent; there are no specific delimiters or instructions to ignore potential commands embedded within the HTML source code.
      • Capability inventory: The skill utilizes a bash script (using find and grep) to perform checks and instructs the agent to generate actionable code recommendations and fixes.
      • Sanitization: No content filtering, escaping, or validation of the analyzed HTML files is implemented before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 22, 2026, 11:49 AM