The Agent Skills Directory

[Category 4: External Downloads] (LOW): The installation instructions in README.md point to a GitHub repository (yarlson/skills) that is not on the trusted list. This is a reference for the skill's source and does not represent a runtime dependency for execution.- [Category 8: Indirect Prompt Injection] (INFO): The skill identifies a surface for indirect injection by ingesting data from other tools. Ingestion points: Marketing site content and product surface maps as defined in SKILL.md. Boundary markers: Absent; untrusted data is not delimited. Capability inventory: The skill is strictly limited to generating markdown documentation; it has no access to subprocesses, network operations, or sensitive file system writes. Sanitization: Includes a specific 'Untrusted-input policy' instructing the agent to ignore embedded commands.

saas-site-design