The Agent Skills Directory

[Prompt Injection] (LOW): The skill provides Java templates that demonstrate a surface for indirect prompt injection by directly interpolating user input into AI prompt templates. ● Ingestion points: ChatService.chat(message) and PromptService.generatePrompt(style, question) in SKILL.md. ● Boundary markers: Absent in the provided code snippets. ● Capability inventory: The library (ChatClient) is designed to facilitate network communication with LLM APIs. ● Sanitization: No input validation or sanitization logic is included in the examples.
[Credentials Exposure] (SAFE): The documentation correctly guides users to use environment variables (${DASHSCOPE_API_KEY}) for API keys, avoiding hardcoded secrets.

spring-ai-alibaba