clerk-android
Warn
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE)
Full Analysis
- [PROMPT_INJECTION]: The skill metadata identifies the author as 'clerk', which contradicts the authoritative author context of 'midudev'. This deceptive naming can lead a user to believe the skill is an official product provided by the service vendor.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it is instructed to process content from external sources.
  - Ingestion points: The skill instructions involve using 'WebFetch' to retrieve documentation and patterns from 'clerk.com' and 'github.com/clerk'.
  - Boundary markers: The instructions do not provide delimiters or guidance to the agent to distinguish between implementation documentation and potentially malicious instructions embedded within the fetched content.
  - Capability inventory: The agent has the capability to modify project source code, update build configurations, and install new SDK dependencies.
  - Sanitization: No explicit sanitization, validation, or filtering of the externally fetched content is performed before it is used to generate implementation steps.
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation and implementation samples from official Clerk repositories and websites. While these are well-known and reputable sources, they represent external data entering the agent's context.
- [COMMAND_EXECUTION]: The skill manages project setup by instructing the agent to add official Clerk SDK artifacts ('com.clerk:clerk-android-api' and 'com.clerk:clerk-android-ui') to the Android project's Gradle dependency configuration.
- [CREDENTIALS_UNSAFE]: The skill handles Clerk publishable keys by requiring user input and implementing verification gates to ensure valid keys are used for SDK initialization. While it involves credential handling, it follows standard vendor practices for client-side keys and includes safety checks.