The Agent Skills Directory

PROMPT_INJECTION (HIGH): High-risk Indirect Prompt Injection surface. The skill reads data from untrusted files in src/templates/*.ts and interpolates extracted strings into multiple sensitive locations. This can lead to the poisoning of other skills or the application UI.\n\t- Ingestion points: Template files located in src/templates/*.ts.\n\t- Boundary markers: Absent. There are no instructions for the agent to use delimiters or ignore embedded instructions within the template names or content.\n\t- Capability inventory: File modification capabilities for .skills/infographic-creator/SKILL.md, site/src/components/AIPlayground/Prompt.ts, and .skills/infographic-syntax-creator/references/prompt.md. Command execution capability via rg.\n\t- Sanitization: Absent. No logic exists to validate or escape the extracted template names before they are written to other files or used in commands.\n- COMMAND_EXECUTION (LOW): The skill invokes the rg (ripgrep) command using strings derived from the analyzed source files. While rg itself is a search tool, executing commands with untrusted input introduces a risk of command argument injection if template names contain shell-sensitive characters.

infographic-template-updater