research-powerpack-guide
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructs agents to ingest and process untrusted data from external sources such as Google search results, web pages, and Reddit threads via tools like `scrape_links` and `get_reddit_post`. This creates an attack surface for Indirect Prompt Injection, where malicious instructions hidden in external content could attempt to influence the agent's behavior.
  - Ingestion points: `scrape_links` and `get_reddit_post` tools are used to pull external text into the agent context.
  - Boundary markers: The skill suggests using a structured `deep_research` template but does not implement explicit delimiters (e.g., XML tags) to isolate untrusted content from system instructions.
  - Capability inventory: The agent possesses capabilities for network operations (searching/scraping) and file access (as it is instructed to attach local code for context).
  - Sanitization: No programmatic sanitization is provided within the skill files as they are purely informational.
- [NO_CODE]: The skill consists entirely of Markdown documentation and methodology guides. No scripts, executables, or automated installation commands are included in the package, which eliminates risks associated with remote code execution or malicious software within the skill itself.