The Agent Skills Directory

PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface (Category 8) because it creates behavior-defining files for other agents based on untrusted user input. 1. Ingestion points: User responses to clarifying questions in SKILL.md (Workflow Step 1). 2. Boundary markers: Absent; user input is interpolated into IDENTITY.md, SOUL.md, and AGENTS.md templates without delimiters. 3. Capability inventory: The skill utilizes file system operations (mkdir, touch) and the openclaw CLI, and the resulting agents are intended to have tool-use capabilities. 4. Sanitization: No input validation or escaping is implemented.

openclaw-agent-builder