hypercognitive-skill-compiler
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of user-supplied requirements.
  - Ingestion points: Untrusted data enters the agent context via the `{{SKILL_REQUEST_BUNDLE}}` placeholder in `SKILL.md`.
  - Boundary markers: The requirements bundle is wrapped in triple-dash (`---`) delimiters, which provides basic structural separation but is insufficient to prevent instruction override.
  - Capability inventory: The agent has the ability to execute provided shell scripts (`scripts/generate-skill-template.sh`, `scripts/validate-bundle.sh`), perform file system operations, and utilize web search tools (`searxng`).
  - Sanitization: No programmatic sanitization or filtering of the input is performed; the skill relies on internal cognitive instructions (e.g., `mode_prompt_injection_defense`) to mitigate malicious inputs.
- [COMMAND_EXECUTION]: The skill provides functional shell scripts to automate the skill creation workflow. While the scripts include basic validation (e.g., enforcing kebab-case for skill names), they represent a capability for the agent to generate and validate executable content, which could be exploited if the agent is compromised via prompt injection.
- [EXTERNAL_DOWNLOADS]: The skill's documentation and references mention the `npx skills` CLI tool and the `agentskills.io` domain. These are well-known resources within the Agent Skills ecosystem and are mentioned for integration purposes.
Audit Metadata