The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes dynamic context injection (the !command syntax) in scripts/backup-golden-dataset.md to run shell commands like find, pwd, and date automatically upon skill loading to populate environment details in a backup script template.
[PROMPT_INJECTION]: Curation and annotation workflows described in rules/curation-add-workflow.md and references/annotation-patterns.md involve fetching and processing content from external URLs (e.g., via WebFetch), which introduces a surface for indirect prompt injection. Ingestion points: WebFetch usage for URL content extraction in documented curation pipelines. Boundary markers: Prompts use simple variable interpolation (e.g., {content_preview}) but lack robust delimiters or instructions to ignore embedded instructions within the data. Capability inventory: The skill is configured with access to Read, Glob, Grep, WebFetch, and WebSearch tools. Sanitization: No explicit sanitization or filtering of fetched external content is mentioned.
[DATA_EXFILTRATION]: The scripts/backup-script.py and associated documentation facilitate the bulk export of dataset content (including analysis findings, artifacts, and chunks) to JSON files, which represents a potential path for data exfiltration if triggered in a malicious context.

golden-dataset