The Agent Skills Directory

[PROMPT_INJECTION]: The skill fetches and processes external markdown files from the domain getdesign.md, creating a surface for indirect prompt injection where malicious instructions could be embedded in design specifications. * Ingestion points: The reference file design-inspirations.md instructs the agent to fetch external DESIGN.md specs using the WebFetch tool. * Boundary markers: There are no specific instructions or delimiters used to separate the external content or to warn the agent against following instructions embedded within the fetched markdown. * Capability inventory: The skill itself is restricted to creative text generation and does not utilize high-risk capabilities like shell access, file system modification, or credential handling. * Sanitization: No sanitization or validation of the external content is performed before processing.
[EXTERNAL_DOWNLOADS]: The skill uses the WebFetch tool to retrieve design systems from the domain getdesign.md. While these requests are transparent and support the skill's creative purpose, the domain is not part of the standard whitelist of trusted repositories.

creative-director