The Agent Skills Directory

[PROMPT_INJECTION]: Indirect Prompt Injection surface. The skill is designed to fetch and analyze content from external, untrusted sources including Amazon reviews, Reddit discussions, and social media platforms. Content from these sources could be crafted by an attacker to include hidden instructions that influence the agent's behavior. * Ingestion points: The workflow in SKILL.md (specifically Step 2: Customer Insight Mining and Step 4: Competitor Content Analysis) relies on web_search and web_fetch to retrieve data from external sites. * Boundary markers: The skill does not instruct the agent to use specific delimiters or to ignore instructions embedded within the fetched data. * Capability inventory: The agent uses search and fetch tools to collect and process this information. * Sanitization: The instructions do not define any sanitization or validation steps for the external data before it is processed by the agent.

ecommerce-content-marketing