The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill identifies a surface for indirect prompt injection because its primary function is to ingest and analyze untrusted external data (curriculum materials).
Ingestion points: The content_path parameter in skill.py and the Materials input described in SKILL.md.
Boundary markers: None identified; the skill does not currently provide delimiters or instructions to the agent to ignore embedded commands within the materials.
Capability inventory: The provided skill.py is a stub that returns hardcoded status data and does not currently perform file system writes, network requests, or subprocess execution.
Sanitization: No sanitization or validation logic is present to filter malicious instructions within the processed documents.

curriculum-review-accessibility