The Agent Skills Directory

[SAFE]: The skill consists of a collection of Markdown files containing persona descriptions, topic frameworks, and instructional prompts. It does not include any scripts, executables, or tools that interact with the host system or external networks.
[EXTERNAL_DOWNLOADS]: No external package registries (npm, PyPI) are accessed, and no remote code execution patterns (curl | bash) were detected. All dependencies are internal Markdown files.
[DATA_EXFILTRATION]: The skill does not access sensitive system paths (e.g., .ssh, .aws) or environment variables. There are no network capabilities defined or requested.
[PROMPT_INJECTION]: The instructions provide stylistic and reasoning guidelines for adopting the Marc Andreessen persona, such as 'state the antithesis forcefully' and 'refuse the premise'. These are part of the intended expert-mimicry functionality and do not attempt to bypass agent safety filters or override system-level constraints.
[INDIRECT_PROMPT_INJECTION]: The skill processes user questions (ingestion point) and routes them to specific internal topic files. The instruction to 'Answer in that expert's voice using only the substance in the files you loaded' serves as a strong boundary marker that restricts the agent's knowledge to the provided documentation, mitigating the risk of following instructions embedded in untrusted user data. The skill lacks any capabilities (subprocess, file-write, network) that could be exploited via indirect injection.

dojo-marc-andreessen