The Agent Skills Directory

[Indirect Prompt Injection] (MEDIUM): The skill is designed to ingest untrusted external data and use it to drive agent reasoning and document generation, creating a vulnerability surface where instructions embedded in legal documents could manipulate the agent.
Ingestion points: The references/workflow-collecte.md file defines points where the agent collects contracts, invoices, and correspondence (Phases 2, 3, and 5).
Boundary markers: None. There are no instructions for the agent to use delimiters or to disregard natural language instructions found within the user-provided legal documents.
Capability inventory: The SKILL.md (Phase 5) grants the agent the capability to generate and export .docx documents based on the collected untrusted data.
Sanitization: No validation or filtering of the ingested document content is specified.
[No Code] (INFO): The provided skill files consist entirely of Markdown instructions and workflows. No executable scripts, binary files, or configuration files (like package.json or requirements.txt) were found.

assignation-refere-recouvrement-creance-selim-brihi