The Agent Skills Directory

Category 8: Indirect Prompt Injection (INFO): The skill demonstrates patterns that ingest untrusted data (e.g., resource IDs from URLs or validation error messages from request bodies) and interpolates them into error response strings.
Ingestion points: analysis_id parameter in endpoints; request.url and exc.errors() in exception handlers.
Boundary markers: No specific delimiters used for interpolated data in error strings.
Capability inventory: Limited to returning JSON responses via FastAPI's JSONResponse.
Sanitization: The implementation uses f-strings for error details without explicit sanitization, but since the output is a structured API response intended for machine consumption/display and lacks write/execute capabilities, the risk is negligible.
Category 2: Data Exposure & Exfiltration (SAFE): The skill explicitly includes security checklists and code patterns that prevent information disclosure. For example, the generic 500 error handler returns a static 'An unexpected error occurred' message rather than exposing internal exception details or stack traces.

error-handling-rfc9457