The Agent Skills Directory

[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and summarize data from potentially untrusted external sources.
Ingestion points: The instruction files examples/3p-updates.md, examples/company-newsletter.md, and examples/faq-answers.md direct the agent to retrieve information from Slack threads, emails, Google Drive documents, and external press releases.
Boundary markers: The instructions lack explicit boundary markers (e.g., XML tags or delimiters) or directives to treat retrieved data as strictly passive content, which may allow malicious instructions embedded in those sources to influence the agent's behavior.
Capability inventory: The skill instructs the agent to utilize integrated tools to read sensitive communication and document platforms to generate its output.
Sanitization: No mechanisms are defined for sanitizing or filtering instructions that might be contained within the source documents or messages.
[NO_CODE]: The skill consists entirely of Markdown instructions and guidelines. It contains no executable scripts, binaries, or configuration files that would perform operations outside of the agent's standard conversational or tool-use environment.

internal-comms