The Agent Skills Directory

[PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill ingests untrusted user data (such as topics, descriptions, and audience names) and interpolates it directly into prompts for LLM tools without using boundary markers or sanitization. 1. Ingestion points: templates/typescript/content-generator.ts, templates/python/content_generator.py, and various markdown templates in templates/prompts/. 2. Boundary markers: Absent in all generation templates; simple string interpolation is used. 3. Capability inventory: The skill has access to Bash(*), Write(*), and mcp__content-image-generation(*), which significantly increases the impact of a successful injection. 4. Sanitization: No evidence of input validation, escaping, or filtering of external content before prompt construction.

ai-content-generation