The Agent Skills Directory

[SAFE]: No network operations, hardcoded credentials, or obfuscated code segments were detected in the skill instructions or the associated Python script. The skill performs its stated purpose using standard file processing techniques.
[PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes untrusted external data from bookmark HTML exports. Maliciously crafted bookmark titles or URLs could potentially contain instructions intended to influence the agent's behavior.
Ingestion points: The script scripts/reorganize_topic_bookmarks.py reads data from a user-specified file via the --input argument.
Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore content within the bookmark file.
Capability inventory: The skill performs file reading and writing (via pathlib.Path.read_text and write_text) but has no network or shell execution capabilities.
Sanitization: The script uses html.escape and html.unescape for text handling, which prevents HTML injection but does not filter for logical prompt instructions.

topic-bookmarks-reorganizer