The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill identifies a surface for indirect prompt injection. Ingestion points: Data enters the context via '.guidelines/blade-components.md' and user-provided '$ARGUMENTS'. Boundary markers: No delimiters or 'ignore embedded instructions' warnings are present to isolate untrusted data. Capability inventory: The skill allows use of 'Bash', 'Write', and 'Edit', which provide a high-impact vector for injected commands. Sanitization: No input validation or sanitization is performed on processed content.
[Command Execution] (SAFE): While 'Bash' is an allowed tool, no malicious pre-defined commands or suspicious shell patterns were detected in the instructions.

moonshine-layout