The Agent Skills Directory

[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It ingests untrusted data from external sources including Slack messages (Step 2) and Fireflies meeting transcripts (Step 3). There are no defined boundary markers or sanitization procedures to prevent the agent from executing instructions that might be embedded in those messages.
[COMMAND_EXECUTION]: The skill includes a capability to write summaries directly to the local filesystem (Step 5). While this is a declared feature in the metadata ('save to filesystem'), it represents a risk factor if the agent's behavior is influenced by malicious content found in the ingested communication data.

p-activity-digest