requete-cph-licenciement-faute-grave-selim-brihi

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE NO_CODE
Full Analysis
  • [Data Exposure & Exfiltration] (LOW): The skill is designed to collect extensive Personally Identifiable Information (PII), including full names, dates and places of birth, home addresses, and detailed financial records (salaries, bonuses, and employer SIRET numbers). While necessary for drafting a legal document, the collection of such sensitive data should be performed in a secure, private session.
  • [Indirect Prompt Injection] (LOW): The skill ingests untrusted text provided by the user, specifically the content of the dismissal letter and the employee's counter-arguments, which are then used to generate a formal legal document.
    • Ingestion points: SKILL.md (Section 4: Informations sur la procédure de licenciement, Contenu exact de la lettre de licenciement).
    • Boundary markers: Absent. The instructions do not define delimiters (e.g., XML tags or clear separators) for user-provided text or instruct the AI to ignore embedded commands.
    • Capability inventory: The skill directs the agent to create and save a .docx file (Phase 5).
    • Sanitization: Absent. The skill does not provide instructions for escaping or validating the content of the ingested dismissal letter before interpolation.
  • [Command Execution] (SAFE): While the skill mentions creating a .docx file and interacting with specific file paths (/home/claude, /mnt/user-data/outputs), it does not provide any scripts to do so, relying instead on the agent's built-in tool capabilities.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:43 PM