feynman

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests user-provided claims through $ARGUMENTS and interpolates them directly into the instruction sets for sub-agents (e.g., Source Auditor, Self-Deception Hunter) in SKILL.md. This creates an indirect prompt injection surface where a malicious input could attempt to manipulate the sub-agents' behavior.
      * Ingestion points: The claim or analysis provided via $ARGUMENTS in SKILL.md.
      * Boundary markers: Not utilized; user content is interpolated without specific delimiters or instructions to ignore embedded commands.
      * Capability inventory: The skill utilizes Bash, Write, Edit, WebSearch, WebFetch, and TeamCreate tools.
      * Sanitization: No evidence of input escaping or validation before interpolation into sub-agent prompts.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to inspect environment variables and manages the dynamic execution of sub-agents with templated prompts. The identified shell commands are benign, and the dynamic execution is a standard component of its multi-agent auditing workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 11:52 PM