The Agent Skills Directory

[NO_CODE]: The skill file consists entirely of markdown instructions and YAML metadata without any embedded scripts, shell commands, or executable code blocks.
[INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process external data from Instagram profiles and posts, which is a common surface for indirect prompt injection if that content contains malicious instructions.
Ingestion points: External data flows into the agent through the instagram-profiles and instagram-posts collection keys in SKILL.md.
Boundary markers: The instructions do not explicitly define delimiters or specific 'ignore' instructions for the external content.
Capability inventory: The skill definition does not provide the agent with local file-system write access (outside its own work folder), network exfiltration tools, or command execution capabilities.
Sanitization: No explicit sanitization or filtering of the Instagram data is mentioned in the workflow.

instagram-account-research