The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the Bash tool to perform local file system operations, specifically checking for the existence of the .ajtbd/ directory and creating it if necessary. These operations are limited to project state management.
[EXTERNAL_DOWNLOADS]: Utilizes the WebSearch tool to gather information about products and market segments from external web sources. This behavior is aligned with the skill's stated purpose of market analysis.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from user arguments and web search results without sanitization or boundary markers. Ingestion points: The $ARGUMENTS variable and outputs from the WebSearch tool are incorporated into the agent's context. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used for external data. Capability inventory: The agent has access to Bash, Write, Read, and Glob tools, which could be targeted by an injection attack. Sanitization: No input validation or sanitization logic is implemented for the processed external content.

ajtbd-b2b-segments