frappe-core-notifications

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists entirely of documentation and instructional code snippets for using the native Frappe framework notification APIs. It does not perform any actions itself.
  • [DATA_EXPOSURE]: The documentation references the 'Email Account' DocType, which is used by the framework to store SMTP and IMAP credentials. It provides information on how the system manages these credentials but does not expose any actual secrets or encourage unsafe storage practices.
  • [INDIRECT_PROMPT_INJECTION]: The skill describes using Jinja templates for email rendering (e.g., {{ doc.name }}, {{ comments[-1].comment }}). This is a surface where user-supplied data (document field values and free-text comments) is processed and rendered into outgoing messages, but the documentation follows standard framework usage and does not introduce any specific vulnerability of its own. Ingestion points: document fields and comments processed in Jinja templates (SKILL.md). Boundary markers: none specified in the documentation. Capability inventory: frappe.sendmail, frappe.publish_realtime (SKILL.md, API Reference). Sanitization: standard Jinja rendering via Frappe is assumed; the skill does not state whether autoescaping applies to comment text rendered into HTML email, and no additional sanitization logic is discussed.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns or external script downloads were found. The examples exclusively use internal framework methods.
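The rendering surface noted under INDIRECT_PROMPT_INJECTION can be made concrete with a small added example (not code from the skill, from Frappe, or from the audit itself). It uses plain jinja2's SandboxedEnvironment with constructed document and comment data, and renders a template of the same shape the skill documents ({{ doc.name }}, {{ comments[-1].comment }}) with autoescaping off, with autoescaping on, and with the `| safe` filter applied. It makes no claim about which setting Frappe's own environment uses; the point is only what each setting does to an attacker-controlled comment.

```python
from jinja2.sandbox import SandboxedEnvironment

# Constructed sample data standing in for a Frappe document and its comment
# trail. The last comment is the "user-supplied" value: it carries an HTML
# payload that should never reach a recipient's mail client as live markup.
DOC = {"name": "SAL-ORD-2026-00042"}
COMMENTS = [
    {"comment": "Looks good, approving."},
    {"comment": '<img src=x onerror="alert(1)">Please review'},
]

# Template in the shape the skill documents for email bodies.
TEMPLATE = "<p>{{ doc.name }}: {{ comments[-1].comment }}</p>"

# Same template, but the author has marked the comment as trusted markup.
# This is the common way an otherwise escaped template re-opens the hole.
TEMPLATE_SAFE_FILTER = "<p>{{ doc.name }}: {{ comments[-1].comment | safe }}</p>"


def render(template: str, autoescape: bool) -> str:
    """Render a template with constructed doc/comment context.

    SandboxedEnvironment blocks attribute tricks such as reaching
    __class__ from inside the template; autoescape controls whether
    interpolated values have <, >, &, " and ' replaced with entities.
    """
    env = SandboxedEnvironment(autoescape=autoescape)
    return env.from_string(template).render(doc=DOC, comments=COMMENTS)


def render_unescaped() -> str:
    # Raw interpolation: the comment's <img ... onerror=...> lands in the
    # email body verbatim.
    return render(TEMPLATE, autoescape=False)


def render_escaped() -> str:
    # Autoescaping turns the payload into inert text (&lt;img ...&gt;).
    return render(TEMPLATE, autoescape=True)


def render_escaped_but_marked_safe() -> str:
    # Autoescaping is on, but `| safe` tells Jinja to trust the value,
    # so the payload is emitted as live markup again.
    return render(TEMPLATE_SAFE_FILTER, autoescape=True)


def contains_live_tag(html: str) -> bool:
    """True if the rendered body still contains an unescaped <img tag."""
    return "<img" in html


if __name__ == "__main__":
    for label, fn in [
        ("autoescape=False", render_unescaped),
        ("autoescape=True", render_escaped),
        ("autoescape=True + |safe", render_escaped_but_marked_safe),
    ]:
        out = fn()
        print(f"{label:26} live tag: {contains_live_tag(out)!s:5} {out}")
```

When reviewing a notification template in a real deployment, the two things to check are the environment's autoescape setting and every use of `| safe` or Markup() on a field that a non-privileged user can write, such as a comment.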
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 10:40 AM