explanatory-playground
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill provides patterns for instrumenting and displaying internal system data, including database query structures, parameters, and sample results. While intended for local development use, this creates a systematic exposure surface for sensitive application data if the visualization routes are improperly secured or if sensitive information is not filtered before being rendered in the interface.
- [PROMPT_INJECTION]: The skill creates an indirect injection surface by ingesting and rendering untrusted data from various system sources into a web interface.
  - Ingestion points: Data enters the agent-generated interface via component props, event payloads, and database result sets as described in the implementation patterns.
  - Boundary markers: The provided code snippets do not include explicit boundary markers or instructions to treat ingested data as untrusted or to ignore potentially embedded instructions.
  - Capability inventory: The skill's primary function is restricted to UI-based visualization and does not implement high-risk capabilities such as arbitrary command execution, filesystem modification, or direct network exfiltration.
  - Sanitization: There is no evidence of data sanitization or escaping in the rendering logic, which could allow malicious content in processed data to influence the interface or downstream agent actions.
Audit Metadata