knowledge-ingestion-patterns

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill utilizes the httpx library to perform network requests to external URLs in the chunk_webpage and crawl_site functions. This is a primary function of the skill but involves connecting to non-whitelisted domains.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. Evidence Chain:
      1. Ingestion points: Untrusted data enters the agent context via chunk_webpage, crawl_site (fetching external HTML), and chunk_pdf (reading PDF files).
      2. Boundary markers: Absent. Content is returned in structured dictionaries but lacks explicit delimiters or instructions for the agent to ignore embedded commands within the text.
      3. Capability inventory: The skill performs network operations and file reading but does not contain dangerous execution sinks like eval() or subprocess calls using the ingested data.
      4. Sanitization: The extraction logic focuses on content retrieval and does not implement sanitization or filtering to remove potential malicious instructions embedded in the source documents.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:09 PM