The Agent Skills Directory

PROMPT_INJECTION (LOW): Detected an Indirect Prompt Injection surface. Ingestion points: Character names, home paths, and self-defined soul data enter the system through the INCARNATE, CEREMONY, and AUTHOR-SOUL methods. Boundary markers: The templates provided in examples/incarnation-wish.yml and ceremony-invocation.yml lack boundary markers or warnings to the LLM to ignore instructions potentially embedded in these user-provided strings. Capability inventory: The skill utilizes the read_file, write_file, and list_dir tools to persist this data into soul files (CHARACTER.yml). Sanitization: There is no evidence of sanitization, input validation, or escaping for character metadata strings before they are persisted.

incarnation