doc-coauthoring

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION

Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is designed to ingest and process data from external sources provided by the user.
      • Ingestion points: Data enters the context via shared document links (Google Drive, SharePoint), user-uploaded files, and integrated messaging platform channels (Slack, Teams) as specified in SKILL.md.
      • Boundary markers: The instructions lack explicit delimiters or system-level warnings to distinguish between user-provided data and the agent's core operational instructions.
      • Capability inventory: The skill uses create_file and str_replace tools and has the potential to interact with productivity software APIs via Model Context Protocol (MCP) integrations.
      • Sanitization: There is no defined process for sanitizing or validating the content retrieved from external links or files before the agent processes it for document drafting.
  • [EXTERNAL_DOWNLOADS]: The skill integrates with well-known productivity and communication services to retrieve content.
      • Evidence: The workflow references fetching context from Google Drive, SharePoint, Slack, and Microsoft Teams.
  • [COMMAND_EXECUTION]: The skill instructs the agent to use specific tools for file system management during the drafting process.
      • Evidence: Uses create_file to generate document scaffolding and str_replace to perform granular updates to the draft files.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 2, 2026, 04:22 PM