The Agent Skills Directory

[PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by fetching content from arbitrary URLs. • Ingestion points: scrape_url, extract_links, extract_metadata, search_page, and scrape_multiple in SKILL.md. • Boundary markers: No delimiters or instructions to ignore embedded commands are specified for the scraped content. • Capability inventory: No dangerous write operations, command executions, or network exfiltration tools are identified in the skill. • Sanitization: No sanitization or content validation is mentioned. The risk is assessed as low due to the lack of exploitable capabilities.

web-scraping