token-budget
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a workflow for ingesting and summarizing external files, creating an indirect prompt injection surface.
  * Ingestion points: Untrusted data is retrieved from external files via the context-fetch tool (SKILL.md).
  * Boundary markers: The instructions do not specify the use of delimiters or protective headers to isolate external content when loading snippets or full files.
  * Capability inventory: The skill utilizes file reading (context-fetch), file writing (STATE.md summaries), and session management commands (/pause, /resume).
  * Sanitization: No validation or escaping of external content is mandated before the data is interpreted and integrated into the agent's memory state.
Audit Metadata