The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface when processing code for auditing.\n
Ingestion points: Code snippets provided for analysis as described in SKILL.md and tests/case1_sqli.md.\n
Boundary markers: Absent; the instructions do not implement delimiters or 'ignore embedded instructions' warnings for external content.\n
Capability inventory: Includes local file reading via scripts/validate.py and common agent-level permissions.\n
Sanitization: No input sanitization or filtering logic is present to identify or neutralize instructions within the code snippets.

ask-owasp-security-review