The Agent Skills Directory

[PROMPT_INJECTION]: No evidence of direct prompt injection, system prompt extraction, or attempts to bypass agent safety filters was detected. The instructions follow a predefined workflow for survey design.
[DATA_EXFILTRATION]: The skill does not access sensitive local configuration files (e.g., .ssh, .aws) or perform unauthorized network requests. All referenced URLs are for source documentation and legitimate platform metadata.
[REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts, and no third-party package dependencies are declared or installed.
[COMMAND_EXECUTION]: The workflow is restricted to generating markdown documentation and does not involve shell commands, system modifications, or privilege escalation.
[PROMPT_INJECTION]: An indirect prompt injection surface is present as the skill ingests untrusted user context regarding product and audience details (INTAKE.md). 1. Ingestion points: user-provided product and audience context entering the agent prompt. 2. Boundary markers: absent in the provided templates. 3. Capability inventory: markdown documentation generation and user-directed file-system writes for project deliverables. 4. Sanitization: no explicit escaping or validation logic is defined. The risk is assessed as safe given the non-executable nature of the output and the lack of sensitive tool access.

designing-surveys