The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill is designed to process external code and configuration files for credentials, which serves as an ingestion point for untrusted data that could contain malicious instructions. 1. Ingestion points: External files accessed via the Read and Grep tools. 2. Boundary markers: No delimiters or ignore-instructions warnings are defined. 3. Capability inventory: Bash(npm:*), Read, Write, Grep. 4. Sanitization: No input validation or content escaping is described in the skill documentation.

hardcoded-credential-finder