skills/pedronauck/kodebase-go/kb/Gen Agent Trust Hub

kb

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill orchestrates several command-line tools including kb, qmd, grep, git, and npm. These tools are used for vault management, indexing, searching, and structural auditing.
  • [EXTERNAL_DOWNLOADS]: The documentation recommends installing the @tobilu/qmd package from the official npm registry to enable search and indexing capabilities.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external data from URLs, YouTube transcripts, local files, and codebases. This creates a significant surface for indirect prompt injection, where malicious content in the sources could influence the agent's behavior during article compilation or query synthesis.
      • Ingestion points: kb ingest url, kb ingest file, kb ingest youtube, and kb ingest codebase in SKILL.md.
      • Boundary markers: No explicit boundary markers or "ignore embedded instructions" warnings are used when the LLM reads ingested content from the raw/ directory.
      • Capability inventory: The skill uses the kb CLI for file operations and ingestion, qmd for search, and shell utilities like grep and git for maintenance. In the hands of an injected prompt, these tools could be used to explore the local file system or repository.
      • Sanitization: The skill lacks explicit sanitization or validation of the content scraped from external URLs or codebases before it is processed by the LLM.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 12:15 AM