NYC

write-script-csharp

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • Indirect Prompt Injection (MEDIUM): The skill provides a C# script template that ingests untrusted data from an external source.
      • Ingestion points: The example script takes a url parameter in the Main method.
      • Boundary markers: The template lacks delimiters or instructions to ignore embedded commands in the fetched content.
      • Capability inventory: The script uses RestSharp for network requests and Newtonsoft.Json for deserialization, and returns the result to the caller (Windmill/Agent context).
      • Sanitization: No input validation or content filtering is shown in the provided pattern, allowing malicious remote content to influence the agent's downstream reasoning or actions.
  • Command Execution (LOW): The skill instructs the agent to execute local CLI commands for metadata generation and deployment.
      • Evidence: Usage of wmill script generate-metadata and wmill sync push in the instructions.
  • External Downloads (LOW): The instructions reference the use of external NuGet packages and a specific CLI tool.
      • Evidence: Usage of #r "nuget: ..." directives for Newtonsoft.Json and RestSharp and references to the wmill CLI tool.
      • Trust Scope: These are standard packages from the official NuGet gallery, but their use indicates a dependency on external, remotely-hosted code.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 09:33 AM