The Agent Skills Directory

Indirect Prompt Injection (HIGH): The skill exhibits a high-risk attack surface due to the combination of untrusted data ingestion and system-level capabilities.
Ingestion points: Uses the Read tool to access user-provided content or files required for generating outlines.
Boundary markers: Absent. There are no instructions or delimiters defined to prevent the agent from obeying instructions embedded within the data it reads.
Capability inventory: Grants broad permissions including Bash, Write, and Edit, allowing for arbitrary command execution and file modification.
Sanitization: None detected. The skill lacks logic to sanitize or escape external content before it influences agent actions.
Command Execution (MEDIUM): The skill requests Bash access, which is excessive and unnecessary for the stated purpose of creating infographic outlines. This violates the principle of least privilege.
No Code (LOW): The skill consists entirely of metadata and instructional markdown without any executable scripts or configuration files, making it impossible to verify its actual behavior during runtime.

infographic-outline-creator