The Agent Skills Directory

[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to its data ingestion patterns. \n- Ingestion points: CRM contact information, activity history, and deal context retrieved via 'get_contact', 'list_activities', and 'list_deals' actions in SKILL.md. \n- Boundary markers: The skill does not utilize delimiters or specific instructions to isolate or ignore potentially malicious instructions embedded in the CRM data fields. \n- Capability inventory: The skill possesses 'crm' read capabilities and 'tasks' write capabilities to create reminder objects. \n- Sanitization: No explicit sanitization, validation, or escaping of CRM field content is performed before the data is used to generate connection messages.

LinkedIn Connect Reminder