cc-skill-project-guidelines-example

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The code example for Claude AI integration in SKILL.md demonstrates a pattern that is susceptible to indirect prompt injection when processing untrusted data.
  • Ingestion points: The content parameter within the analyze_with_claude function.
  • Boundary markers: The implementation has no delimiters around the user-supplied content and no instruction telling the model to ignore instructions embedded in it.
  • Capability inventory: The code illustrates the use of tool calling (provide_analysis) via the Anthropic messages API, providing an execution path for instructions that might be injected via the input.
  • Sanitization: No input validation, escaping, or filtering mechanisms are included in the code snippet.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 06:14 PM