empirical-prompt-tuning

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The 'subagent startup contract' uses instructions such as 'あだけだっけあ <内元プロンプト名> を白紙で読む実行者です' (You are an executor who reads with a clean slate). This phrasing is intended to remove developer bias during testing, but it matches the 'ignore previous instructions' and 'role-play' injection patterns used to bypass agent constraints.
  • [INDIRECT_PROMPT_INJECTION]: The skill provides a framework for processing and executing untrusted 'Target Prompts' via subagents, which creates an exploitable surface.
    • Ingestion points: The subagent startup contract in SKILL.md accepts arbitrary prompt content to be tested.
    • Boundary markers: Markdown headers are used as delimiters; adversarial structured input can reproduce them and escape the intended boundary.
    • Capability inventory: The Task tool is used to dispatch and execute subagents based on the provided inputs.
    • Sanitization: No explicit sanitization or validation of the input prompt is mentioned before it is passed to the subagent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 04:10 PM