The Agent Skills Directory

[PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection through its core functionality of processing untrusted data.
Ingestion points: Untrusted data enters the agent context via the $ARGUMENTS variable in SKILL.md.
Boundary markers: There are no explicit delimiters or instructions to the model to ignore potential injection attempts within the input string.
Capability inventory: The skill does not possess any dangerous capabilities; it lacks file system access, network operation tools, and shell command execution primitives.
Sanitization: No sanitization, escaping, or validation of the user-provided input is performed before the reformulation process.

optimize-prompt