tasks
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM | EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [External Downloads] (MEDIUM): The skill documentation mandates the use of `@trigger.dev/sdk` and `zod`. While established in the developer community, Trigger.dev is not on the pre-approved trusted source list, requiring verification of the package integrity.
- [Indirect Prompt Injection] (MEDIUM): (Category 8) The skill is designed to ingest and process untrusted external data through task payloads, creating a vulnerability surface where malicious instructions could influence agent behavior.
  - Ingestion points: Payload parameters in `task`, `schemaTask`, and `trigger` calls within `SKILL.md`.
  - Boundary markers: Absent; there are no instructions or delimiters provided to isolate untrusted payload content from the agent's logic.
  - Capability inventory: The skill enables background job execution, remote task triggering, and network requests via `retry.fetch`, providing significant side-effect capabilities.
  - Sanitization: The documentation correctly recommends `zod` for schema validation, which helps prevent data-type confusion but does not inherently block natural language prompt injection within string fields.
- [Command Execution] (LOW): The skill facilitates the execution of background tasks. While these are managed by the Trigger.dev platform, they involve running code defined in the task's `run` function, which must be carefully audited by the user.
Audit Metadata