drupal-security
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to analyze untrusted code snippets, creating a surface where malicious instructions could influence agent reasoning.
  1. Ingestion points: User-provided Drupal forms, controllers, and queries defined in user prompts are processed by the skill guidelines.
  2. Boundary markers: The skill utilizes a 'Red Flags' table and a 'Quick Security Checklist' to provide a reasoning framework, though it lacks explicit technical delimiters for input.
  3. Capability inventory: The skill is restricted to instructional code review and reasoning; it does not contain capabilities for command execution, network access, or file modification.
  4. Sanitization: Absent; the skill does not define specific sanitization or escaping protocols for the untrusted code it evaluates.