lf-briefing-ux

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. Ingestion points: untrusted data enters the agent context from discovery.md and inputs/* files during the briefing generation process. Boundary markers: there are no explicit delimiters or instructions to ignore embedded commands in the source files. Capability inventory: across all files, the agent is restricted to reading local files and writing markdown or HTML files, with no network, shell, or system-level execution capabilities. Sanitization: there is no evidence of validation or escaping for content interpolated from input files into the briefing or HTML prototype.
  • [COMMAND_EXECUTION]: The skill generates an index.html file containing inline JavaScript for UI prototyping. This code is used for simulating navigation and UI states (loading, error, etc.) based on data from the briefing. This generation is low risk as the code is intended for browser-based preview and is not executed within the agent's operational environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 12:15 AM