The Agent Skills Directory

[PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to process untrusted data from external sources.\n- Ingestion points: Stage 1 (Context Gathering) involves reading user-provided files, links to shared documents, and content from messaging channels (Slack, Teams) or document storage (Google Drive, SharePoint).\n- Boundary markers: The skill does not implement specific delimiters or safety instructions to prevent the agent from obeying commands embedded within the external documents it reads.\n- Capability inventory: The skill utilizes create_file and str_replace to generate and edit files on the user's system.\n- Sanitization: There are no sanitization or filtering steps defined for the external content before it is used to influence the drafting process.

doc-coauthoring