memory-lancedb-pro
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill describes a robust mechanism for handling indirect prompt injection by wrapping retrieved memories in XML tags and prepending a clear warning to the agent to treat the content as untrusted plain text. Evidence Chain:
  (1) Ingestion points: memory_store tool and autoCapture hook.
  (2) Boundary markers: XML tags and 'UNTRUSTED DATA' warning block.
  (3) Capability inventory: Vector and BM25 search, management CLI, and JSONL file-based backups.
  (4) Sanitization: isNoise and filterNoise functions, and sanitizeForContext utility that strips HTML and limits message length.
- [EXTERNAL_DOWNLOADS]: The documentation references official and well-known embedding and reranking providers as standard plugin dependencies. These include services for vector embedding and cross-encoder reranking.
- [COMMAND_EXECUTION]: The skill documents a management CLI and a session distillation script intended for administrative and maintenance tasks. These tools are used for database migration, statistics, and re-embedding workflows.
- [DATA_EXFILTRATION]: Network operations are confined to user-configured official API endpoints for embedding and reranking services. No unauthorized or suspicious data transmission patterns were identified.
- [CREDENTIALS_UNSAFE]: The plugin configuration system uses environment variable resolution for API keys to prevent hardcoding of secrets in configuration files.