The Agent Skills Directory

[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from external websites.\n
Ingestion points: scripts/agent.py and scripts/process.py retrieve data such as page titles, DOM content, and server headers from the URLScan.io API results.\n
Boundary markers: No explicit delimiters or boundary markers are used to isolate untrusted web content from the agent's prompt context.\n
Capability inventory: The skill possesses the capability to perform network requests (requests library) and write analysis reports to the local file system.\n
Sanitization: The skill lacks sanitization, escaping, or filtering of the retrieved web content before it is processed or displayed by the agent.\n- [DATA_EXFILTRATION]: The skill transmits data to external services for analysis.\n
It connects to urlscan.io and virustotal.com, which are well-known security intelligence platforms.\n
The transmission of URLs to these services is the core function of the skill and aligns with its documented purpose.

analyzing-malicious-url-with-urlscan