The Agent Skills Directory

PROMPT_INJECTION (LOW): Vulnerable to indirect prompt injection through external data ingestion. Ingestion points: Processes untrusted data from meeting summaries and user conversations to 'extract tasks'. Boundary markers: No specific delimiters or instructions to ignore embedded commands are defined for the task extraction process. Capability inventory: Capability to read/write 'TASKS.md' and copy 'dashboard.html' in the current directory. Sanitization: No sanitization or validation of extracted task content is mentioned.
COMMAND_EXECUTION (LOW): References an external slash command '/productivity:start'. While not executing a shell command directly in the skill file, it encourages the user to run a tool with unknown capabilities and undefined source code.

task-management