blog-idea-generator
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate file operations (reading documentation and writing to a blog topics file) that are strictly aligned with its stated purpose of generating blog ideas. No unauthorized file access or exfiltration patterns were found.
- [SAFE]: No network operations, external downloads, or third-party package dependencies were detected. The skill relies on built-in references and provided client context.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from multiple documentation sources (e.g., docs/en/company-profile.md, docs/en/pages.md). While this creates an attack surface for indirect prompt injection, the skill lacks dangerous capabilities such as network access or shell execution, limiting the impact to potential output manipulation.
  - Ingestion points: Reads multiple files in docs/en/, docs/sector-brief.md, docs/style-brief.md, and src/pages/en/blog/ to build context.
  - Boundary markers: The instructions do not define explicit delimiters for the content of read files, but they do require structured output formatting.
  - Capability inventory: The skill has the capability to read local files and write results to docs/blogs/topics.md. It has no network or shell execution capabilities.
  - Sanitization: No explicit sanitization or validation of the input file content is performed prior to processing.
Audit Metadata