The Agent Skills Directory

Prompt Injection (LOW): The skill creates a surface for indirect prompt injection by processing untrusted user feedback and conversation history to recommend modifications to agent logic. • Ingestion points: Processes 'Quality feedback' and 'User contribution' from the conversation history. • Boundary markers: No explicit delimiters are defined to isolate external data from the skill's decision-making logic. • Capability inventory: Triggers the $skill-creator tool to modify or create files within the .codex/skills/ directory. • Sanitization: Includes specific instructions to exclude sensitive or personal data from generated examples, providing a partial mitigation.

skill-innovation-retrospective