The Agent Skills Directory

[PROMPT_INJECTION] (LOW): The skill demonstrates an indirect prompt injection surface. \n
Ingestion points: The message and system_prompt variables within the chat, chat_with_system, and conversation functions in SKILL.md. \n
Boundary markers: No markers or delimiters (e.g., XML tags or triple quotes) are suggested to isolate user input from the system instructions. \n
Capability inventory: The skill uses requests.post to send these inputs to a third-party API for processing. \n
Sanitization: No sanitization or validation of the input strings is performed before they are embedded into the JSON request body. \n- [DATA_EXFILTRATION] (SAFE): Network traffic is directed only to the legitimate provider domain modelslab.com. There is no evidence of local file access or unauthorized data transmission. \n- [CREDENTIALS_UNSAFE] (SAFE): API key management in the provided examples correctly utilizes placeholders such as "your_api_key" and "your_modelslab_api_key", avoiding the exposure of actual secrets.

modelslab-chat-generation