The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) via web search results ingested in various steps. \n- Ingestion points: Web search data is processed in steps 02 through 06 (e.g., in references/domain-steps/step-02-domain-analysis.md) to populate the final report. \n- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided for processing external web content. \n- Capability inventory: The agent has file-writing capabilities used to generate and update research reports (based on references/research.template.md). \n- Sanitization: There is no evidence of sanitization or filtering of web search content before it is appended to the research document.

domain-research