The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill ingests untrusted user data to generate reports, presenting a surface where malicious instructions in descriptions could influence the agent. 1. Ingestion points: The argument and files read during the discovery phase. 2. Boundary markers: The skill does not use delimiters or specific isolation instructions to separate untrusted data from internal logic. 3. Capability inventory: The skill utilizes Read, Write, Glob, and Grep tools, as well as the ability to call other skills. 4. Sanitization: No validation or sanitization of user-provided content is performed before generating YAML or Markdown outputs.

capability-mapping