The Agent Skills Directory

PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes content from dozens of untrusted external platforms. 1. Ingestion points: Data is fetched from sources including Sidebar.io, Hacker News, Kickstarter, Dezeen, GitHub, Product Hunt, Dribbble, Awwwards, Behance, Muzli, and 31 Twitter/X accounts. 2. Boundary markers: Absent; the instructions do not specify any delimiters or safety warnings to distinguish between fetched content and agent instructions. 3. Capability inventory: The agent has file-write capabilities to the local workspace (NewsReport folder) and access to web-fetching tools (WebFetch, Chrome MCP). 4. Sanitization: No methods for escaping or validating the external content are described before it is formatted into the final report.
EXTERNAL_DOWNLOADS (LOW): The skill performs frequent network requests to a wide variety of non-whitelisted domains to aggregate daily news content.

daily-news