travel-requirements-expert

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes a provided script scripts/create_requirements_folder.py to create a timestamped directory structure. The script is limited to standard filesystem operations using the pathlib and os libraries and implements length-limiting and character-filtering (slugify) on folder names.
  • [EXTERNAL_DOWNLOADS] (SAFE): Uses Perplexity and Exa MCP servers for web-based travel research. These tools are used as intended for the skill's primary function and do not download executable code.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface: The skill ingests raw user input and writes it directly into 00-initial-request.md without boundary markers or sanitization of the content. Evidence Chain:
      1. Ingestion points: user_request argument in create_requirements_folder.py.
      2. Boundary markers: Absent in generated markdown files.
      3. Capability inventory: Local file modification and network access via MCP.
      4. Sanitization: Only the folder name is sanitized; the actual file content is written as raw text, which could be exploited if the agent re-processes these files as instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 20, 2026, 07:45 PM