The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill processes external data from tools and stores it in YAML state files. This data is later read back into context during synchronization or merging. * Ingestion points: room/activations/*.yml files. * Boundary markers: Absent. * Capability inventory: read_file, write_file, list_dir. * Sanitization: Absent.
[External Downloads] (SAFE): No remote resources or package installations are used.
[Data Exfiltration] (SAFE): File operations are local; no network-based data transmission detected.

multi-presence