The Agent Skills Directory

[SAFE]: No malicious patterns detected. The skill defines a standard architectural pattern for persisting data using platform-native triggers.
[PROMPT_INJECTION]: The skill describes a state management system which creates a surface for indirect prompt injection. 1. Ingestion points: Data enters the state store through state::set and state::update operations defined in SKILL.md. 2. Boundary markers: The documentation does not specify the use of delimiters or instructions to ignore embedded commands when processing retrieved state data. 3. Capability inventory: The skill exposes triggers for state::get, state::set, state::list, state::delete, and state::update. 4. Sanitization: There is no mention of sanitization, escaping, or validation for the values stored or retrieved via the state management API.

iii-state-management