community-signal-digest

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted text from the web (e.g., Reddit posts, Hacker News comments) to automatically draft community responses.
      • Ingestion points: search_external_content and commonroom_list_objects fetch data from various external platforms.
      • Boundary markers: There are no specified delimiters or instructions to ignore embedded commands when processing the external content.
      • Capability inventory: The skill has access to manage_intel_records (write), search_docs (read), and WebFetch (read).
      • Sanitization: No filtering or validation of the retrieved external content is described before it is used to influence response drafting.
  • [DATA_EXFILTRATION]: The skill performs network operations via WebFetch to retrieve view counts and profile information from external sites like Stack Overflow. It also stores gathered insights in the author's 'Tiger Den' via the manage_intel_records tool. These actions are fundamental to the skill's functionality and are performed using the vendor's own tools and identified platforms.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 01:21 PM