building-phishing-reporting-button-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to process untrusted data from external sources (user-reported email files).
  • Ingestion points: The scripts scripts/agent.py and scripts/process.py read and parse raw email content from .eml files provided via command-line arguments.
  • Boundary markers: The skill lacks explicit boundary markers or isolation instructions to prevent the agent from interpreting the content of the reported emails as instructions rather than data.
  • Capability inventory: The skill possesses capabilities to perform network operations via the requests library (contacting VirusTotal and ticketing systems) and has file-writing permissions for report generation.
  • Sanitization: While the code performs structured parsing of email headers and attachments, it does not sanitize or escape the body of the email before including it in the analysis results and reports, leaving a surface for malicious instructions to reach the agent's context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 16, 2026, 07:56 AM