The Agent Skills Directory

[PROMPT_INJECTION]: The brand identity package generator in references/brand-package.md creates a surface for indirect prompt injection. The agent is instructed to fill file templates with user-provided content, which could be exploited if malicious inputs are processed. * Ingestion points: User-provided values for discovery variables such as {{brand-name}}, {{brand-tagline}}, {{headline-example}}, and {{cta-example}} used across multiple templates. * Boundary markers: Absent within the SVG, CSS, and Markdown templates. * Capability inventory: The skill directs the agent to generate and write several file types (SVG, CSS, and MD) to the project's local file system under the brand-assets/ directory. * Sanitization: The skill does not provide any instructions for the agent to sanitize, validate, or escape user-provided strings before they are interpolated into the generated assets.

elite-brand-design