proactive-agent
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data such as emails, websites, and PDFs, which introduces a potential surface for indirect prompt injection.
  * Ingestion points: External content is analyzed during Security Hardening and Self-Healing heartbeat cycles.
  * Boundary markers: Instructions explicitly state to treat external content as data for analysis, not as commands.
  * Capability inventory: The agent can modify workspace files (USER.md, SOUL.md, TOOLS.md) and execute a security audit script.
  * Sanitization: Includes a heartbeat check to scan for common injection patterns like 'ignore previous instructions'.
- [COMMAND_EXECUTION]: The skill instructs the agent to run a local security script (scripts/security-audit.sh) and perform self-healing tasks, which may involve executing system commands to fix issues or manage resources (e.g., using 'trash' for file deletion).
Audit Metadata