customer-journey-mapper

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Risk. The skill uses WebSearch and WebFetch to gather industry-specific journey patterns, competitor experiences, and customer reviews from the internet. This external data is untrusted and is used to generate a comprehensive customer-journey.md document. Without explicit boundary markers or sanitization logic, malicious instructions hidden in the retrieved web content could potentially influence the agent's behavior or output content.
    - Ingestion points: The WebSearch and WebFetch tools are used during the research phase as described in the 'Research Context' and 'Research Protocol' sections.
    - Boundary markers: Absent. The instructions do not define any delimiters or specific isolation patterns to separate external web data from the agent's internal logic.
    - Capability inventory: The skill is configured with Write, Edit, and Bash tools, providing the agent with the ability to modify the local file system and execute shell commands based on the processed information.
    - Sanitization: Absent. There are no instructions provided to validate, escape, or filter external content before it is interpolated into the final markdown deliverable.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 10, 2026, 05:26 PM