The Agent Skills Directory

[PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface. The skill ingests untrusted data from external sources (WebFetch, WebSearch) and local configuration files to calculate a 'Confidence Score' that influences agent reasoning. Malicious instructions embedded in external documentation could potentially bias the agent's decision to proceed with an implementation. * Ingestion points: WebFetch, WebSearch, and local files like PLANNING.md. * Boundary markers: Not present. * Capability inventory: Read-only access via Read, Grep, Glob, WebFetch, and WebSearch. No write or execute capabilities detected. * Sanitization: Not present.
[DATA_EXFILTRATION] (INFO): The skill performs network operations using WebFetch and WebSearch to access non-whitelisted domains for documentation and OSS references. This is consistent with its stated purpose and no evidence of sensitive data exfiltration (e.g., credentials) was found.

Confidence Check