The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill implements a search functionality that retrieves potentially untrusted data from previous decision records. While this creates a theoretical surface for indirect injection, the risk is minimized as the skill lacks high-privilege capabilities such as shell access or arbitrary network requests. Evidence: Ingestion point in 'decision_search' returns; no explicit boundary markers or sanitization documented; capabilities limited to 'decision_record' and 'decision_search' (SKILL.md).- [Prompt Injection] (SAFE): Instructional text serves to define tool usage and documentation standards without attempting to bypass safety filters or override system constraints.- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or commands to access sensitive files were found. The skill specifically advises against recording secrets or PII.- [Remote Code Execution] (SAFE): No remote script downloads, package installations, or dynamic code execution patterns are present.

decision-recording