feasibility-study

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection.
      • Ingestion points: The skill reads data from local source code files in the src/ directory through the grep and read tools as part of the research phase in references/analysis-phases.md.
      • Boundary markers: There are no protective delimiters or instructions to the agent to ignore any command-like text or instructions found within the analyzed files.
      • Capability inventory: The skill allows the use of Bash commands, file Write operations, and calls to the mcp__codex__codex-reply tool, which could be exploited if the agent follows instructions found in the researched code.
      • Sanitization: No validation or sanitization is performed on the content of the researched files before it is processed or passed to the Codex discussion phase.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 06:41 AM