html-ppt-testing-safety-alert

Warn

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The example.html file uses HTML entity encoding to obscure potentially destructive system and database commands inside a presentation slide. Although these strings are intended as examples of 'forbidden' actions in a safety brief, using character encoding to hide strings such as 'rm -rf' and 'drop table' is a characteristic obfuscation technique.
  • Evidence (file: example.html): an HTML-entity-encoded string decodes to `rm -rf /`.
  • Evidence (file: example.html): an HTML-entity-encoded string decodes to `drop table`.
  • Evidence (file: example.html): an HTML-entity-encoded string decodes to `force push origin main`.
  • [PROMPT_INJECTION]: The skill provides instructions for generating HTML slide decks from user input but includes no safeguards against indirect prompt injection, such as boundary markers or data sanitization.
  • Ingestion points: The instructions in SKILL.md direct the agent to populate slide templates with user-supplied content.
  • Boundary markers: No delimiters or protective framing instructions are provided to separate user data from the template structure.
  • Capability inventory: The skill uses the agent's ability to create and modify local HTML, CSS, and JS files.
  • Sanitization: The authoring guidelines include no steps for validating or escaping user input before it is rendered into the final presentation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 2, 2026, 03:47 AM